Palantir Misconfiguration Allowed Unauthorized FBI Access

In the midst of the high-profile prosecution of Virgil Griffith, who is being tried in federal court for assisting North Korea in evading sanctions, the Department of Justice informed Judge Kevin Castel of the Southern District of New York (SDNY) that the case evidence had been accessed by unauthorized FBI employees.

Three FBI analysts and one special agent who were “not part of the prosecution team between May 2020 and August 2021” accessed information which the FBI had obtained via search warrants served on Griffith’s Twitter and Facebook accounts. The advisory letter to the judge noted, “These FBI employees, all of whom are based in FBI offices other than the New York office handling this case, were conducting investigations into other matters.”

While the letter is very much an egg-on-your-face moment for the SDNY, it is a much larger failure for the FBI and the information technology team responsible for the Palantir database in which the search warrant information was filed and stored. So how does information which is supposed to be compartmentalized become available?

Misconfiguration.

When asked about their platform, a Palantir spokesperson distanced the company from the misconfiguration error, telling the NY Post, “There was no glitch in the software. Our platform has robust access and security controls. The customer also has rigorous protocols established to protect search warrant returns, which, in this case, the end user did not follow.”

The letter detailed how, on March 9, 2020, the FBI received the results from the search warrants for Griffith’s Twitter and Facebook accounts. The information was loaded into the Palantir “document review platform.” Four days later, the results were provided to the defense team. In September 2020, the government completed its review, segregated the data which was germane to the case and provided the same to the defense. The prosecution informed the defense on September 20 that they had concluded their review and searches of the Twitter and Facebook data returned via the search warrant.

Fast-forward to mid-August 2021. A case agent within the FBI received an email from another agent which highlighted “that an FBI analyst, in the course of conducting a separate investigation, had identified communications between the defendant and the subject of that other investigation by means of searches on the platform that accessed the Search Warrant Returns.” A review of the incident revealed that three others had also previously accessed the information. A few days after this revelation, at the request of SDNY, Palantir employees at the FBI removed the case information from the Palantir platform.

Misconfiguration or Carelessness?

The subsequent investigation showed that unauthorized access to the case information “was made possible because, when data is loaded onto the platform, the default setting is to permit access to the data to other FBI personnel otherwise authorized to access the platform. When the Search Warrant Returns here were loaded onto the platform, those default settings were not changed to restrict access to the Search Warrant Returns to the FBI personnel actually engaged in reviewing the Search Warrant Returns pursuant to the warrants.”

In other words, the FBI’s instance of Palantir defaults to an “all-access” state: any data loaded onto the platform is readable by every FBI user authorized to use the platform, and it is up to the person loading the data to change that default in order to enforce basic need-to-know principles. SDNY advised the judge that they did review all other data sets within the Palantir platform and confirmed that those security settings restricted data access to the prosecution team and their staff.
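The failure mode described in the letter is easy to reproduce in miniature: a per-document ACL that is left unset on load, and a platform policy that interprets "unset" as "every authenticated user." The following is an added example, hypothetical code written for this article and not Palantir's software or the FBI's configuration. It models the same document store under a default-open and a default-deny policy, loads the warrant returns with the ACL untouched (as happened here), and runs an audit over the access log to surface users who reached the data without being on the case team. All user names and document identifiers are constructed sample values.

```python
"""Default-open vs. default-deny document ACLs, with an access audit.
Hypothetical model for illustration; not Palantir's or the FBI's code."""

from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# Constructed sample identities: the case team, plus three users from other
# field offices who are authorized on the platform but not on this case.
CASE_TEAM: Set[str] = {"agent_ny_1", "analyst_ny_1", "ausa_sdny"}
PLATFORM_USERS: Set[str] = CASE_TEAM | {
    "analyst_field_a", "analyst_field_b", "agent_field_c",
}

WARRANT_DOC = "warrant_returns_twitter"  # constructed document id


@dataclass
class Document:
    doc_id: str
    # None means "no explicit ACL was set when the document was loaded".
    # What that means in practice is decided by the platform policy below.
    allowed_users: Optional[Set[str]] = None


@dataclass
class Platform:
    default_open: bool  # True: unset ACL => all platform users may read
    docs: Dict[str, Document] = field(default_factory=dict)
    access_log: List[Tuple[str, str, bool]] = field(default_factory=list)

    def load(self, doc_id: str, allowed_users: Optional[Set[str]] = None) -> None:
        """Load a document; callers who forget allowed_users get the default."""
        self.docs[doc_id] = Document(doc_id, allowed_users)

    def can_access(self, user: str, doc_id: str) -> bool:
        doc = self.docs[doc_id]
        if user not in PLATFORM_USERS:
            return False  # not even a platform account
        if doc.allowed_users is None:
            return self.default_open  # the whole incident lives in this line
        return user in doc.allowed_users

    def search(self, user: str, doc_id: str) -> bool:
        """Simulate a platform search hit and record it for later audit."""
        ok = self.can_access(user, doc_id)
        self.access_log.append((user, doc_id, ok))
        return ok


def audit(platform: Platform, doc_id: str, authorized: Set[str]) -> List[str]:
    """Users who successfully read doc_id but are not on the authorized list."""
    return sorted({
        user for user, d, ok in platform.access_log
        if d == doc_id and ok and user not in authorized
    })


def run_policy(default_open: bool) -> List[str]:
    """Load the warrant returns with the ACL untouched, let every platform
    user search, and return the audit findings for the case team."""
    p = Platform(default_open=default_open)
    p.load(WARRANT_DOC)  # default settings left unchanged, as in the incident
    for user in sorted(PLATFORM_USERS):
        p.search(user, WARRANT_DOC)
    return audit(p, WARRANT_DOC, CASE_TEAM)


def run_explicit_grant() -> Dict[str, bool]:
    """Default-deny platform with the case team granted explicitly: the
    compensating control the letter says was applied to the other data sets."""
    p = Platform(default_open=False)
    p.load(WARRANT_DOC, allowed_users=set(CASE_TEAM))
    return {u: p.search(u, WARRANT_DOC) for u in sorted(PLATFORM_USERS)}


if __name__ == "__main__":
    print("default-open leak:", run_policy(True))    # three non-case users
    print("default-deny leak:", run_policy(False))   # nobody
    print("explicit grant:", run_explicit_grant())
```

Two points the model makes concrete: the safe posture is the one where forgetting to configure an ACL fails closed, and even on a default-open platform the access log is enough to detect the problem, provided someone actually runs the audit against the list of people who are supposed to be on the case.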

The SDNY informed both the judge and the defense that the data accessed by those without a need to know will not be used in the prosecution of Griffith.

Why the Palantir platform defaults to the “not restricted” state is a question FBI infosec teams need to address, before any more recurrences of “human error.”

Christopher Burgess

Christopher Burgess (@burgessct) is a writer, speaker and commentator on security issues. He is a former Senior Security Advisor to Cisco and served 30+ years within the CIA which awarded him the Distinguished Career Intelligence Medal upon his retirement. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit: Senior Online Safety.
