Police First Hack Then Demolish Organised Crime Gangs

Police have now arrested more than 800 people across Europe after shutting down an encrypted phone system, EncroChat, used by organised crime groups to plot murders and drug deals. More than two tonnes of drugs and £54m, along with sub-machine guns, an assault rifle, high-value cars and luxury watches, were impounded, says the NCA.

The operation, launched at the height of the coronavirus lockdown, was the "deepest ever" UK operation into serious organised crime.

The top-secret phone system, which had been used by criminals to trade drugs and guns, has been successfully penetrated and shut down, says the British National Crime Agency (NCA). The NCA worked with forces across Europe on the UK's "biggest and most significant" law enforcement operation, named Operation Venetic. British police have arrested 746 people as a result of the operation in what it called a "massive breakthrough" against organised crime, while the Netherlands held more than 100 people and there were arrests in Norway, Spain, and Sweden.

EncroChat sent a message to its estimated 60,000 users in June warning them to throw away their 1,000-euro devices as its servers had been "seized illegally by government entities". It has now been shut down.

Police monitored a hundred million encrypted messages sent through Encrochat, a network used by career criminals to discuss drug deals, murders, and extortion plots. Starting earlier this year, police kept arresting associates of Mark, a UK-based alleged drug dealer. Mark took the security of his operation seriously, with the gang using code names to discuss business on custom, encrypted phones made by a company called Encrochat. For legal reasons, Motherboard is referring to Mark using a pseudonym.

Because the messages were encrypted on the devices themselves, police couldn't tap the group's phones or intercept messages as authorities normally would. 

On Encrochat, criminals spoke openly and negotiated their deals in granular detail, with price lists, names of customers, and explicit references to the large quantities of drugs they sold, according to documents obtained by Vice Media's Motherboard from sources in and around the criminal world. In the same time frame, police across the UK and Europe busted a wide range of criminals. In mid-June, authorities picked up an alleged member of a drug gang. A few days later, law enforcement seized millions of dollars' worth of illegal drugs in Amsterdam. It was as if the police were detaining people from completely unrelated gangs simultaneously.

In fact, for tens of thousands of criminal Encrochat users, their messages weren't really secure.

French authorities had penetrated the Encrochat network, leveraged that access to install a technical tool in what appears to be a mass hacking operation, and had been quietly reading the users' communications for months. Investigators then shared those messages with agencies around Europe.

This represents one of the largest ever law enforcement infiltrations of a communications network predominantly used by criminals.

European agencies monitored and investigated "more than a hundred million encrypted messages" sent between Encrochat users in real time, leading to arrests in the UK, Norway, Sweden, France, and the Netherlands. As dealers planned trades, money launderers washed their proceeds, and criminals even discussed their next murder, officers read their messages and started taking suspects off the street.

The messages show how gangs allegedly directed members to gather money from customers, how to launder it safely, and where to hide drugs. In meticulous and time-stamped sections, the Encrochat messages lay out alleged crime after crime.

Encrochat positions itself as a legitimate firm with customers in 140 countries, but sources in the criminal underground say that many of Encrochat's customers are criminals.

French authorities said they estimated that more than 90 percent of the company's French customers were "engaged in criminal activity."

Buying an Encrochat device is not straightforward: the phones are available only through criminal sources. Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents. Encrochat took the base unit, installed its own encrypted messaging programs which route messages through the firm's own servers, and even physically removed the GPS, camera, and microphone functionality from the phone. The company sold the phones on a subscription-based model, costing thousands of dollars a year per device.

Encrochat is not the only company offering these sorts of phones. So-called ‘secure phone’ companies often don't have public-facing executives. Instead, they hide their ownership, and some have been caught conspiring with criminals. 

Law enforcement agencies had acted against encrypted phone companies before. In 2018, the FBI arrested the owner of Phantom Secure. Before shutting the network down itself, the FBI tried to convince the owner to install a backdoor into the communications system that it could use, but he declined.

Law enforcement agencies are understood to have extracted an extraordinary batch of data from Encrochat devices. In a press release, the French law enforcement agency which spearheaded the investigation told France24 that "The investigation made it possible to gather elements on the technical functioning of Encrochat, and led to the establishment of a technical device, thanks to which unencrypted communications from users could be obtained."

Dozens of organised crime groups have been dismantled, says the NCA, with the bulk of arrests in London and north-west England. 

National Crime Agency: France24: BBC: Vice: Birmingham Live
