The FBI on Tuesday showed off its new forensics laboratory in Dallas, where digital detectives extract data from cell phones and other electronic devices to help solve crimes, including the Jan. 6 attack on the U.S. Capitol.
It’s called the North Texas Regional Computer Forensics Laboratory, and it recently moved into a new state-of-the-art facility in a federal building on Houston Street downtown.
The employees are legal hackers who try to gain access to suspects’ cell phones after obtaining the owner’s consent or a search warrant signed by a judge.
In the evidence room, dozens of cell phones remain on a constant charge to keep them activated.
Sometimes accessing them is easy.
The latest news from around North Texas.
Other times it can take years for a computer program to methodically try every passcode in a process called 'brute force.'
"Sometimes the brute force can be a matter of seconds, sometimes the brute force, some of them, running all combinations, we're talking decades and that's not practical for us,” said Det. Ricky Hendrix.
Hendrix works for the Plano police department but is assigned to the lab full-time.
Other partners include Dallas, Frisco, Richardson and the Naval Criminal Investigative Service.
Hendrix explained how examiners actually break apart older devices to access the memory chips inside -- and whatever secrets they may hold.
"It's a challenging endeveor,” said Matthew DeSarno, special agent in charge of the FBI’s Dallas division. “It requires specialized equipment, specialized training, and that's one of the things this lab is focused on."
The Dallas lab examined the cell phones of some of the Texans accused of attacking the U.S. Capitol on January 6.
When a gunman went on a shooting spree in 2019 in Midland-Odessa, killing eight people and injuring 25 others, analysts from the lab went to the scene in a van full of the latest computer technology.
"Our mobile lab from here deployed with examiners and those examiners were critical in helping investigators immediately figure out how many shooters were involved,” DeSarno said.
The instant analysis indicated the shooter hadn't been in touch with any accomplices, which was a key question investigators had to quickly answer.
One thing this lab does not work on directly is hacking -- including the ransomware that shut down a major gas pipeline company.
Agents did not want to talk specifics about how many employees work in the lab, its annual budget, or how many devices it examines.
When the lab first opened 20 years ago, it was focused mostly on desktop computers seized in criminal investigations.
But now, mobile devices make up the majority of its work, the bureau said.