This State Police Can Extract Data From Any Android, iPhone Using These Tools & Software
Much has been reported about how American law enforcement agencies break into smartphones, especially iPhones, but the capabilities of their Indian counterparts have remained shrouded in mystery.
However, Delhi Police is one of the few enforcement agencies in India which has the tools to extract data from locked smartphones, including iPhones. The effectiveness and success rate, however, of such tools remains under question.
The DCP, Cyber Crime Cell, Delhi Police said that “All the forensic tools through which data can be extracted, they are available”.
The need for this data extraction process is determined by the need of the investigation, what type of data the investigating officer is looking for, and how much data can be extracted from the device, he said. MediaNama saw these tools during our tour of the facility.
Delhi Police Can Access Data With Limited Success:-
Despite Apple’s famous refusal to build a backdoor to its iPhones at the behest of the FBI, data extraction tools like Cellebrite’s UFED enable law enforcement agencies to break into locked iPhones without the manufacturer’s assistance. For instance, within three weeks of the launch of iOS 14, Cellebrite had announced data extraction support for the latest operating system.
These data extraction tools, especially Cellebrite’s UFED, are capable of extracting all data, current and, to some extent, deleted from both locked and unlocked devices. Cellebrite UFED at the NCFL supports 35,000 phone models and allows them to extract drone footage as well.
Depending upon what data they are looking for, the tool is decided. For instance, if they want call logs from a password-protected iPhone, they would use Cellebrite UFED. In case they want some data from cloud storage, they would use Cellebrite UFED Cloud.
The NCFL routinely enhances images and videos, including CCTV footage, it gets from investigating officers. The NCFL does not have the ability to run facial recognition as the lab is not linked to any database of facial images. Facial recognition takes place in the Crime Records Office, a part of the National Crime Records Bureau. The NCRB is currently building a nationwide automated facial recognition system.
Some tools available in the NCFL:
- Imaging device from JMR-ICS (American)
- Write blockers, both portable kits and workstations, from Digital Intelligence (American). The annual maintenance contract for these devices is with Cyint, a Delhi-based digital forensics company which is also an authorised distributor/reseller of Digital Intelligence hardware.
- Cellebrite UFED, Cellebrite Physical Analyzer, Cellebrite UFED Cloud, Cellebrite Premium from Cellebrite (Israeli)
- MSAB’s XRY (Swedish)
- Oxygen Forensic Detective (Russian, as per the Intercept)
- Compelson Labs’ MOBILEdit (Czech)
- Tool to identify the crypto exchange on which cryptocurrency wallet is hosted
- Malware analysis lab
- Image and video analytics
Online cybercrime reporting during COVID-19 practically doubled
Roy told us that the number of reportings to the National Cyber Crime Reporting Portal practically doubled during the lockdown.
However, he warned that this does not necessarily mean that the incidence of cybercrime itself doubled, just the reporting did. It could be because there were actually more cybercrimes or because people had no other means to report crimes, he said.
Generally, 60% of all reported cybercrimes are financial frauds, 33%-35% are online harassment and related crimes and 5% are miscellaneous crimes, Roy said. During the lockdown, these broad trends persisted, indicating that the incidence of cybercrimes did not increase, just their reporting.