Police First Hack Then Demolish Organised Crime Gangs

Police have now arrested more than 800 people across Europe after shutting down an encrypted phone system, EncroChat, used by organised crime groups to plot murders and drug deals. More than two tonnes of drugs and £54m Sub-machine guns, an assault rifle, high value cars and luxury watches were impounded, says the NCA. 

The operation, launched at the height of the coronavirus lockdown, was the "deepest ever" UK operation into serious organised crime.

The top-secret phone system, had been used by criminals to trade drugs and guns has been successfully penetrated and shut down, says the British National Crime Agency (NCA).  The NCA worked with forces across Europe on the UK's "biggest and most significant" law enforcement operation, named Operation Venetic. British police have arrested 746 people as a result of the operation in what it called a "massive breakthrough" against organised crime, while the Netherlands held more than 100 people and there were arrests in Norway, Spain, and Sweden.

EncroChat sent a message to its estimated 60,000 users in June warning them to throw away their 1,000-euro devices as its servers had been "seized illegally by government entities". It has now been shut down.

Police monitored a hundred million encrypted messages sent through Encrochat, a network used by career criminals to discuss drug deals, murders, and extortion plots. Starting earlier this year, police kept arresting associates of Mark, a UK-based alleged drug dealer. Mark took the security of his operation seriously, with the gang using code names to discuss business on custom, encrypted phones made by a company called Encrochat. For legal reasons, Motherboard is referring to Mark using a pseudonym.

Because the messages were encrypted on the devices themselves, police couldn't tap the group's phones or intercept messages as authorities normally would. 

On Encrochat, criminals spoke openly and negotiated their deals in granular detail, with price lists, names of customers, and explicit references to the large quantities of drugs they sold, according to documents obtained by Vice Media's Motherboard from sources in and around the criminal world. At the same time frame, police across the UK and Europe busted a wide range of criminals. In mid-June, authorities picked up an alleged member of a drug gang. A few days later, law enforcement seized millions of dollar’s-worth of illegal drugs, in Amsterdam. It was as if the police were detaining people from completely unrelated gangs simultaneously.

In fact, for tens of thousands of criminal Encrochat users, their messages weren't really secure.

French authorities had penetrated the Encrochat network, leveraged that access to install a technical tool in what appears to be a mass hacking operation, and had been quietly reading the users' communications for months. Investigators then shared those messages with agencies around Europe.

This represents one of the largest law enforcement infiltrations of a communications network predominantly used by criminals ever. 

European agencies monitored and investigated "more than a hundred million encrypted messages" sent between Encrochat users in real time, leading to arrests in the UK, Norway, Sweden, France, and the Netherlands. As dealers planned trades, money launderers washed their proceeds, and even criminals discussed their next murder, officers read their messages and started taking suspects off the street.

The messages show how gangs allegedly directed members to gather money from customers, how to launder it safely, and where to hide drugs. In meticulous and time-stamped sections, the Encrochat messages lay out alleged crime after crime.
Encrochat positions itself as a legitimate firm with customers in 140 countries, but sources in the criminal underground say that many of Encrochat's customers are criminals. 

French authorities said they estimated that more than 90 percent of the company's French customers were "engaged in criminal activity."

Buying an Encrochat device is not straightforward and available only through criminal sources. Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents. Encrochat took the base unit, installed its own encrypted messaging programs which route messages through the firm's own servers, and even physically removed the GPS, camera, and microphone functionality from the phone. The company sold the phones on a subscription based model, costing thousands of dollars a year per device.

Encrochat is not the only company offering these sorts of phones. So-called ‘secure phone’ companies often don't have public-facing executives. Instead, they hide their ownership, and some have been caught conspiring with criminals. 

Law enforcement agencies had acted against encrypted phone companies before. In 2018, the FBI arrested the owner of Phantom Secure. The FBI tried to convince the owner to install a backdoor that they could use into the communications system. But he declined, before shutting the network down itself.

Law enforcement agencies are understood to have extracted an extraordinary batch of data from Encrochat devices. In a press release, French law enforcement agency  which spear-headed the investigation told France24 that "The investigation made it possible to gather elements on the technical functioning of Encrochat, and led to the establishment of a technical device, thanks to which unencrypted communications from users could be obtained."

Dozens of organised crime groups have been dismantled, says the NCA, with the bulk of arrests in London and north-west England. 

National Crime Agency:     France24:      BBC:       Vice:       Birmingham Live

You Might Also Read:  

French Cyber-Police, Avast & FBI Neutralise Global Botnet:
 

« Artificial Intelligence – A Brief History
Hong Kongers Erase Their Digital Footprints »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT GRC Forum

IT GRC Forum

The IT GRC Forum is an online resource and networking platform for the Governance, Risk Management, and Compliance (GRC) community

Charlton Networks

Charlton Networks

Charlton Networks provide a complete range of IT infrastructure, network and security solutions aimed at SME companies.

ManTech International

ManTech International

ManTech provides comprehensive, integrated cyber security support, which includes computer and network design, implementation, and operations.

Convercent

Convercent

We offer comprehensive and integrated compliance management, reporting, and analytics. A 360-degree view of compliance drives efficiency by aligning initiatives and data into a single dashboard.

Cybero

Cybero

Cybero offers professional corporate cybersecurity training tailored to your business requirements.

Purple Security

Purple Security

Purple Security arises from the association of specialists in offensive security (ethical hackers, white hats) and experts in insurance, compliance and implementation of industry standards.

itbox.online

itbox.online

Itbox.online offers IT solutions to ensure that your company's technologies are always available and secure as your business demands.

CHEQ

CHEQ

CHEQ provides fully autonomous, preemptive technology for brand safety and ad-fraud prevention.

Mphasis

Mphasis

Mphasis is a leading applied technology services company applying next-generation technology to help enterprises transform businesses globally.

Cryptyk

Cryptyk

CRYPTYK CLOUD is the first complete enterprise-class cloud security solution that includes cloud storage and broad protection against all external and internal threats.

R3I Ventures - House of DeepTech

R3I Ventures - House of DeepTech

The House of DeepTech is an incubator for deeptech entrepreneurs that are transforming global industries. Areas of interest include cybersecurity.

Canonic Security

Canonic Security

Canonic streamlines app review, continuously monitors apps, and reduces the risks involved in third-party access to your data.

HackersEra

HackersEra

HackersEra is a leading offensive cybersecurity service provider. We enable our clients to operate in a more secure environment efficiently and produce more value.

GoodAccess

GoodAccess

GoodAccess is the cybersecurity platform that gives your business the security benefits of zero trust without the complexities so your users can securely access digital resources anytime, anywhere.

Professional Labs

Professional Labs

Professional Labs specialize in simplifying complex problems for our customers with Cloud Services, Managed Services and Cyber Security.

Runecast Solutions

Runecast Solutions

Runecast Solutions is a global leader in AI-powered risk mitigation, security, continuous compliance and more efficient IT operations management.