What Is Cellebrite, And What Kind Of Data Can It Recover?

In theory, if you exercise even the bare minimum of best security practices on a smartphone from the last decade or thereabouts, it should be fairly difficult for most bad actors to access your data if they manage to get ahold of your handset. A tricky lock screen PIN goes a long way, as do hardware-level encryption and the various features that both Samsung and Google have added to deter Android phone theft because they make it much harder to sell a stolen phone. However, that deals mainly with the average thief or other low level bad actor.

When there are reasons for law enforcement or a foreign government to be after your data, things get a lot more complicated. Though cases where law enforcement uses specialized software to unlock the phones of shooters killed in the act by police are probably the best-known examples, there are plenty of other situations in which a government body might try to access cell phone data. For instance, if you're a journalist or activist on the radar of a foreign power in a negative way, then there's a chance that they might deploy undetectable spyware onto your phone. 

One of the most high-profile companies doing this is Israel's Cellebrite, but that doesn't mean that the company is familiar to the average smartphone user. So who are they and what do we know about their software? Let's find out.

Cellebrite is an Israeli private security and digital forensics firm that first attracted headlines in March 2016 when Israeli newspaper Yedioth Ahronoth reported that the FBI had contracted the company to get into the PIN-locked iPhone 5C of San Bernadino mass shooter Rizwan Farook. While Cellebrite's involvement in that incident was later disputed by The Washington Post's reporting that it was Australia's Azimuth Security that helped the FBI, it still marks the moment that the public became aware of Cellebrite. 

Most recently, Cellebrite was highlighted in outlets like Bloomberg for giving law enforcement access to tools that they used to break into the phone of attempted Donald Trump assassin Thomas Matthew Crooks. However, that's not all they do, and the company has been in the news a few times since 2016.

Cellebrite also makes digital forensics tools that can look a lot like spyware, with Haaretz reporting in 2020 that the firm had sold such technology to the Saudi Arabian and Chinese governments. In 2016, ZDNet got ahold of some of some extraction reports — Cellebrite phone dumps, basically — that demonstrated what the company's software can get out of a theoretically protected phone. Besides extracting basic user data, it mapped the owner's movements using photo geolocation tags and displayed the owner's text messages in chronological order.