Police First Hack Then Demolish Organised Crime Gangs

Police have now arrested more than 800 people across Europe after shutting down an encrypted phone system, EncroChat, used by organised crime groups to plot murders and drug deals. More than two tonnes of drugs and £54m Sub-machine guns, an assault rifle, high value cars and luxury watches were impounded, says the NCA. 

The operation, launched at the height of the coronavirus lockdown, was the "deepest ever" UK operation into serious organised crime.

The top-secret phone system, had been used by criminals to trade drugs and guns has been successfully penetrated and shut down, says the British National Crime Agency (NCA).  The NCA worked with forces across Europe on the UK's "biggest and most significant" law enforcement operation, named Operation Venetic. British police have arrested 746 people as a result of the operation in what it called a "massive breakthrough" against organised crime, while the Netherlands held more than 100 people and there were arrests in Norway, Spain, and Sweden.

EncroChat sent a message to its estimated 60,000 users in June warning them to throw away their 1,000-euro devices as its servers had been "seized illegally by government entities". It has now been shut down.

Police monitored a hundred million encrypted messages sent through Encrochat, a network used by career criminals to discuss drug deals, murders, and extortion plots. Starting earlier this year, police kept arresting associates of Mark, a UK-based alleged drug dealer. Mark took the security of his operation seriously, with the gang using code names to discuss business on custom, encrypted phones made by a company called Encrochat. For legal reasons, Motherboard is referring to Mark using a pseudonym.

Because the messages were encrypted on the devices themselves, police couldn't tap the group's phones or intercept messages as authorities normally would. 

On Encrochat, criminals spoke openly and negotiated their deals in granular detail, with price lists, names of customers, and explicit references to the large quantities of drugs they sold, according to documents obtained by Vice Media's Motherboard from sources in and around the criminal world. At the same time frame, police across the UK and Europe busted a wide range of criminals. In mid-June, authorities picked up an alleged member of a drug gang. A few days later, law enforcement seized millions of dollar’s-worth of illegal drugs, in Amsterdam. It was as if the police were detaining people from completely unrelated gangs simultaneously.

In fact, for tens of thousands of criminal Encrochat users, their messages weren't really secure.

French authorities had penetrated the Encrochat network, leveraged that access to install a technical tool in what appears to be a mass hacking operation, and had been quietly reading the users' communications for months. Investigators then shared those messages with agencies around Europe.

This represents one of the largest law enforcement infiltrations of a communications network predominantly used by criminals ever. 

European agencies monitored and investigated "more than a hundred million encrypted messages" sent between Encrochat users in real time, leading to arrests in the UK, Norway, Sweden, France, and the Netherlands. As dealers planned trades, money launderers washed their proceeds, and even criminals discussed their next murder, officers read their messages and started taking suspects off the street.

The messages show how gangs allegedly directed members to gather money from customers, how to launder it safely, and where to hide drugs. In meticulous and time-stamped sections, the Encrochat messages lay out alleged crime after crime.
Encrochat positions itself as a legitimate firm with customers in 140 countries, but sources in the criminal underground say that many of Encrochat's customers are criminals. 

French authorities said they estimated that more than 90 percent of the company's French customers were "engaged in criminal activity."

Buying an Encrochat device is not straightforward and available only through criminal sources. Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents. Encrochat took the base unit, installed its own encrypted messaging programs which route messages through the firm's own servers, and even physically removed the GPS, camera, and microphone functionality from the phone. The company sold the phones on a subscription based model, costing thousands of dollars a year per device.

Encrochat is not the only company offering these sorts of phones. So-called ‘secure phone’ companies often don't have public-facing executives. Instead, they hide their ownership, and some have been caught conspiring with criminals. 

Law enforcement agencies had acted against encrypted phone companies before. In 2018, the FBI arrested the owner of Phantom Secure. The FBI tried to convince the owner to install a backdoor that they could use into the communications system. But he declined, before shutting the network down itself.

Law enforcement agencies are understood to have extracted an extraordinary batch of data from Encrochat devices. In a press release, French law enforcement agency  which spear-headed the investigation told France24 that "The investigation made it possible to gather elements on the technical functioning of Encrochat, and led to the establishment of a technical device, thanks to which unencrypted communications from users could be obtained."

Dozens of organised crime groups have been dismantled, says the NCA, with the bulk of arrests in London and north-west England. 

National Crime Agency:     France24:      BBC:       Vice:       Birmingham Live

You Might Also Read:  

French Cyber-Police, Avast & FBI Neutralise Global Botnet:
 

« Artificial Intelligence – A Brief History
Hong Kongers Erase Their Digital Footprints »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Quotium

Quotium

Quotium provides automated testing technologies to make business software applications secure and robust.

CERT.AZ

CERT.AZ

The national Cyber Security Center of the Republic of Azerbaijan.

Ilex International

Ilex International

Ilex International is a European software vendor which specialises in Identity & Access Management solutions.

Sentia

Sentia

Sentia is an IT and infrastructure firm, with focus on Outsourcing, IT operation and management, Hosting, Co-location, Network, and IT security.

AuthenTrend

AuthenTrend

AuthenTrend provide biometric authentication products to achieve high security with extreme ease-of-use for the user.

4Stop

4Stop

4Stop is a global KYC, compliance and anti-fraud risk management company.

Ksmartech

Ksmartech

Ksmartech provide services related to security and authentication in all areas where the connection of people to objects, and objects and objects is necessary.

WiSecure Technologies

WiSecure Technologies

WiSecure Technologies aims to develop cryptographic products meeting requirements in the new economic era.

Option3

Option3

Option3 (formerly Option3Ventures - O3V) primarily seek control investments in the growing cybersecurity mid-market, seeking to build champions with the scale to bring cutting-edge products to market.

MassMutual Ventures

MassMutual Ventures

Mass Mutual ventures backs companies building category-defining businesses in markets including enterprise software, digital health, cybersecurity, and fintech.

Siemens

Siemens

Siemens Industrial Security Services provide solutions for cybersecurity in automation environments based on the recommendations of the international standard IEC 62443.

SecondWrite

SecondWrite

SecondWrite’s next-generation malware detection engine delivers a combination of automatic deep code inspection and accurate scoring of zero-day malware.

Cyber Skyline

Cyber Skyline

Cyber Skyline is a revolutionary cloud platform to practice, develop, and measure your team's technical cybersecurity skills.

Canonic Security

Canonic Security

Canonic streamlines app review, continuously monitors apps, and reduces the risks involved in third-party access to your data.

Texaport

Texaport

Texaport's vision is to be the trusted partner of choice for organisations seeking comprehensive IT management and cutting-edge security solutions.

Cyshield

Cyshield

Since 2016, Cyshield has been a leader in cybersecurity and digital solutions. We have worked on 350+ projects, earning a reputation as a trusted consultant in the digital world.