In the aftermath of Wednesday's shooting rampage in San Bernardino, FBI teams recovered computer hard drives, flash drives and crushed cellphones left by the attackers. They flew the evidence to technical sleuths at a special FBI facility in Northern Virginia. At the same time, a crew from the bureau's lab there jetted to California to help reconstruct the shooting.
The tragedy in California is the latest big case that involves the mostly unseen scientists who work for the FBI’s Amy Hess in Quantico, Va. She is the FBI’s executive assistant director for science and technology, the master of much that is cool — and controversial — in the bureau’s arsenal of high-tech tools.
At Quantico on any given day, you might see FBI technicians pick apart a cellphone flown in from an overseas battlefield. Or robots processing DNA samples from convicted felons. Or in a room as large as a football field, scientists testing the signal strength of a radio antenna.
But even as it is developing biometric databases, rapid DNA-matching machines and laser-beam imagery for ballistic purposes — or trying to extract data from crushed cellphones that might offer insight into the San Bernardino shooters’ motives — the FBI is struggling to meet ever more complex technological challenges.
In cyber investigations, a crucial part of the bureau’s work, current and former agents say that the Operational Technology Division, or OTD, which Hess oversees, has failed to provide adequate tools to analyze massive amounts of digital data in hacking and cyberspying cases.
And despite the wizardry of its technologists, who also excel at traditional physical and electronic surveillance, the bureau is at a loss to solve what FBI Director James B. Comey has called one of the most worrisome problems facing law enforcement today: the advent of strong commercial encryption on cellphones where only the user can unlock the data.
At the same time, the bureau is facing concerns that the technologies it deploys — cellphone tracking, computer hacking and facial and iris recognition — lack sufficient protections for citizens’ privacy.
Hess says she considers it a privilege to be where she is. “When I’m sitting in the morning meetings with the director and deputy director, I know that the folks in my branch somehow contributed to the big case we’re all talking about that day,” she said.
Born and raised in a suburb of Louisville, Hess, 49, entered the FBI Academy in 1991, the second-youngest in her class, a good athlete and a whiz at video games.
“Even though my parents were essentially pacifists, we didn’t have guns in the house, I learned hand-eye coordination to the point where I got the Top Gun award for my [new agents’] class,” she said.
Hess, who has an astronautical engineering degree, started in the bureau’s science and engineering program. But her career path also took her into traditional cops-and-robbers investigations and domestic and international terrorism cases, including stints at headquarters and in Afghanistan.
In 2014, she was tapped to head science and technology. She has more people working for her — about 6,000 — than any other FBI branch. Her branch also has the single largest budget — somewhere between $600 million and $800 million. The bureau will not say how much.
Critical investigative support
Hess’s branch is rarely in the limelight, but the scientists at OTD and the laboratory, and at the Criminal Justice Information Services Division in Clarksburg, W.Va., provide crucial support to the government’s investigations and prosecutions.
“Whatever needs to be done — anything from evidence response to being able to sort through volumes of video and photographs — her branch is absolutely foundational to any kind of investigative success,” said Stephanie Douglas, a former executive assistant director of the FBI’s National Security Branch.
When the 2013 Boston Marathon was disrupted by deadly bomb explosions, OTD forensic analysts, as well as field office personnel, pored over hours of disparate video footage flooding in from restaurant and bar surveillance systems, television cameras and bystanders’ cellphones. They were able to stitch together a pivotal sequence. That video, never shown to the public in its entirety, captures a tall man with a white baseball cap walking through the crowd and casually placing a backpack on the sidewalk. The sound of an explosion — it was the first bomb — startles bystanders, who look to the left. The man just stands there, then walks off, leaving his backpack. Seconds later, the backpack explodes, killing an 8-year-old boy and severing a leg of the boy’s younger sister. That heart-wrenching video was shown privately to the jury, which convicted Dzhokhar Tsarnaev.
Also that year, when a gunman in Alabama took a 5-year-old boy hostage for a week in an underground bunker on his property, OTD devised a way to get eyes on the kidnapper. Technicians, working with the bureau’s hostage rescue team, hid an audio-video camera in a stuffed toy dinosaur, and the rescue team persuaded the abductor to pass it to the boy. The surveillance showed what was going on in the bunker and facilitated the child’s rescue.
The advent of strong encryption, however, is presenting Hess with a huge, perhaps insurmountable, challenge. In the past few years, tech firms and app developers have increasingly built platforms that employ a form of encryption that only the user, not the company, can unlock.
The bureau’s encryption dilemma is exacerbated by a chill that settled over the relationship between the FBI and Silicon Valley in the wake of leaks in 2013 about government surveillance by former National Security Agency contractor Edward Snowden.
Firms that feared being tagged as tools of a privacy-invading government became less willing to assist in surveillance “because it was perceived as not a good business model to be seen as cooperating with the government,” Hess said.
It used to be, she said, that companies meeting a legal requirement to provide “technical assistance” generally would try to comply with wiretap orders. “Now all of a sudden we get hung up on the question of what, exactly, does that mean I have to provide to you?” she said.
In recent months, the FBI’s conversations with companies have become more productive, she said, “but it’s not to the level we were pre-Snowden.”
Another challenge lies in cyberspace. Investigating intrusions, whether by Russian or Eastern European crime rings or Chinese government hackers, has become one of the FBI’s most important tasks. But agents in the field — techies who live and breathe ones and zeroes — say that tools provided by the OTD fall short.
The problem, they say, is a platform built to analyze data for counterterrorism and criminal probes. Insight, as it is called, can track the websites a suspect has visited, pull emails from a suspect’s account and reconstruct deleted emails. But the agents say it chokes on large amounts of network data.
In at least one case, an investigation has died as a result. And some agents have created their own tools or bought them commercially.
“For 30 years, OTD has been awesome at wiring up agents, putting micro-cameras on people, wiring up cars,” said one individual who, like several others, spoke on the condition of anonymity to be candid. “Where they suffer is understanding cyber investigations and cyber agents’ needs.”
Senior FBI officials say a fix is on the way. The cyber division has given OTD several million dollars to modify Insight. But that fix could take six months to a year, officials said.
‘High-tech and creepy’
More than any other FBI executive, Hess must navigate the tension between privacy and security.
While she might be seen as a kind of female Q, head of the fictional spy agency Skunkworks in the James Bond movies, Christopher Soghoian, principal technologist at the American Civil Liberties Union, sees her as “the queen of domestic surveillance.”
Said Soghoian: “All of the most interesting and troubling stuff that the FBI does happens under Amy Hess.” Whether it’s turning on the taps to collect data from tech companies to pass to the NSA (under court order), or covertly entering people’s houses to install bugs (with a warrant), he said, “if it’s high-tech and creepy, it’s happening in the Operational Technology Division.”
One area of controversy is the bureau's use of cell site simulators, or StingRays, which mimic cellphone towers to elicit signals from cellphones in an area, including from innocent bystanders. The FBI has long been secretive about the tool's use, and has even made state and local law enforcement sign nondisclosure agreements.
Though the agreements typically state that the local agency “will not . . . disclose any information concerning” the equipment, Hess insists that the FBI has never imposed a gag on local police. For the record, she said, the bureau does not object to revealing the use of the device. It’s the “engineering schematics,” details on exactly how the tool works, that the FBI wants shielded, she said.
Another group that remains shrouded is OTD’s Remote Operations Unit. There, technicians with a warrant hack computers to identify suspects. Euphemistically called “network investigative techniques,” that activity has stirred concerns similar to those raised with the use of StingRays.
For one thing, the warrant applications do not describe the technique’s use in detail. So judges may not really understand what they are authorizing. Hess said that agents can describe the process more fully to a judge in closed chambers. That’s if the judge knows to ask.
Privacy advocates also worry that to carry out its hacks, the FBI is using “zero-day” exploits that take advantage of software flaws that have not been disclosed to the software maker. That practice makes consumers who use the software vulnerable, they argue.
Hess acknowledged that the bureau uses zero-days — the first time an official has done so. She said the trade-off is one the bureau wrestles with. “What is the greater good — to be able to identify a person who is threatening public safety?” Or to alert software makers to bugs that, if unpatched, could leave consumers vulnerable?
“How do we balance that?” she said. “That is a constant challenge for us.”
She added that hacking computers is not a favored FBI technique. “It’s frail,” she said. As soon as a tech firm updates its software, the tool vanishes. “It clearly is not reliable” in the way a traditional wiretap is, she said.
Confident of finding solutions
On a recent afternoon, Hess stood in a warehouse-like space set apart from the four-story lab. There, she surveyed boxes of terrorist bomb-making materials — switches, batteries, pressure plates — resting on pallets and waiting to be examined by FBI scientists.
Every piece is meticulously analyzed, photographed and cross-referenced in a database. Fingerprints and DNA are lifted. Trace chemicals are assayed. Components are scrutinized. That way the FBI can match, say, a particular type of wire used to a specific terrorist cell in Yemen.
Since 2003, the Terrorist Explosive Device Analytical Center has collected close to a million individual pieces of terrorist-bomb evidence: the explosive hidden in the underwear of a militant seeking to blow up a Detroit-bound jet, the remnants of the Boston Marathon bombs, the shards of roadside explosives that have killed and maimed thousands of American troops in Iraq and Afghanistan.
It is the scale and depth of the technical work done by her branch that makes Hess confident about finding solutions the problems that have yet to be solved.
“I don’t think my job is to sit on the porch and watch it all go by and say, ‘Ah, that’s too hard,’ ” she said. “My job is to get off the porch, get in the middle of the problem and say, ‘We have an obligation to the American public to protect public safety and to prevent threats from happening.’ ”
