US Customs and Border Protection Seeks Enhanced Digital Forensics Tools
The United States Customs and Border Protection (CBP) agency is soliciting proposals from technology firms for advanced digital forensics tools tailored to analyze data from seized electronic devices. This initiative, aimed at evaluating text messages, images, videos, and contacts, underscores CBP’s commitment to modernizing its capabilities at the nation’s borders. Documentation reviewed indicates that CBP is particularly interested in tools that can uncover hidden meanings in text communications, identify specific objects across video footage, and access content from encrypted messaging platforms.
An announcement published in the Federal Register details the specific capabilities CBP is seeking. Among these requirements is the ability to detect “hidden language” in communications and to decipher patterns within extensive data sets for intelligence generation. The request was initially posted on June 20 and subsequently updated on July 1.
For nearly 15 years, CBP has depended on Cellebrite technology for extracting and examining data from seized devices. However, the agency has expressed a desire to expand its digital forensics program, indicating a need for updated tools. Last year alone, CBP conducted searches on over 47,000 electronic devices, a significant increase from over 8,500 devices in 2015. This surge highlights the growing scope of digital investigations at the border.
This recent request for information (RFI) emerges amid numerous reports regarding CBP’s practices of detaining individuals attempting to enter the United States. High-profile incidents have raised questions about the agency’s methodology, especially concerning the questioning of travelers about their political views and travel intentions, along with the examination of their phones. In one instance, a Brown University professor was repatriated after her phone was searched and suspicions were raised regarding her affiliations.
The chosen vendor is expected to finalize a contract with CBP in the third quarter of the 2026 fiscal year. Currently, CBP holds several active contracts with Cellebrite, valued at over $1.3 million, which will conclude between July 2025 and April 2026. While the agency utilizes tools beyond Cellebrite, specific technologies have not been disclosed.
Cellebrite, which declined to provide further insight into ongoing proposals, continues to play a pivotal role in CBP’s data extraction strategies. The company’s software allows investigators to sift through vast amounts of data, identifying significant trends and insights from devices. This includes the ability to analyze text messages and social media interactions, as well as to construct social connections through contact data.
Given this context, it is worth noting that potential MITRE ATT&CK tactics relevant to this data interrogation landscape include initial access through exploiting weaknesses in device security, persistence by installing unauthorized software, and privilege escalation during the examination of digital data. As CBP seeks to refine its digital forensics toolkit, it remains imperative for technology providers to align their solutions with these nuanced operational requirements.
With evolving technology and increasing data complexities, the need for effective digital forensics tools at U.S. borders has never been more critical. As threats continue to develop, the demand for advanced analytical capabilities is expected to rise, shaping the future of border security and digital investigations.
