Cybercrime , Endpoint Security , Fraud Management & Cybercrime
European Police Hack Encrypted Communication System
Cracking of EncroChat's Network Leads to Hundreds of Arrests in Organized Crime CrackdownEuropean police gained access to messages sent via an encrypted cellular network, leading to the arrest of hundreds of alleged organized crime members, according to Europol, the EU law enforcement agency.
See Also: 2024 Threat Landscape: Data Loss is a People Problem
The arrests were made possible when police accessed encrypted communications sent via EncroChat smartphones. Authorities did not reveal the technical details of this maneuver.
EncroChat shut itself down on June 13 when it discovered that the police had penetrated its network, according to European authorities. The company then sent a warning to all users telling them to throw away their phones, police officials say.
The multiyear investigation resulted in arrests in France, the Netherlands, U.K., Sweden and Norway, Europol announced Thursday. This includes more than 100 arrests in the Netherlands, where authorities confiscated more than 8,000 kilos of cocaine and 1,200 kilos of crystal meth, destroyed 19 drug labs and seized firearms and vehicles.
Britain's National Crime Agency reported 746 arrests, along with the seizure of £54 million ($67 million) in cash, 77 firearms and over two tons of illegal narcotics.
"In addition, a specialist NCA team, working closely with policing partners, has prevented rival gangs carrying out kidnappings and executions on the U.K.’s streets by successfully mitigating over 200 threats to life," according to the NCA.
EncroChat portrayed itself as being a conventional telecom firm, and it had publicly accessible websites, at least one of which has been taken offline. Other sites on which EncroChat lists the security measures built into each of its smartphone devices are still operating.
"In early 2020, EncroChat was one of the largest providers of encrypted digital communication with a very high share of users presumably engaged in criminal activity,” Europol says. “User hotspots were particularly present in source and destination countries for cocaine and cannabis trade, as well as in money-laundering centers."
The Investigative Team
The arrests were made possible through a joint investigation by French and Dutch law enforcement agencies with the assistance of Europol and the EU Agency for Criminal Justice Cooperation - Eurojust - which together formed a joint investigative team that infiltrated EncroChat, according to the report.
French police first tied EncroChat to alleged criminal operations in 2017 when they discovered that many of the phones found during criminal investigations used the telecom service. This led to the placement of a "technical device" on the EncroChat network that gave law enforcement officials a way to work around the encryption used by EncroChat and obtain direct access to users' communications, according to Europol.
French police approached Eurojust in 2019 to help open an investigation with the Netherlands, which had been working with Europol on a similar case since 2018. The NCA had been working on breaking EncroChat's encryption technology since 2016.
In April, Eurojust helped combine the French, Dutch, U.K. and Europol operations into a single team that eventually led to the arrests.
Encrochat’s Business
Encrochat sold smartphones for about €1,000 ($1,100), and a cellular service offering worldwide subscriptions for €1,500 ($1,690) for six months of service, Europol reported.
The phones and software were designed to hide the owner's identity, location and any other details that could be useful for law enforcement investigations. Namely, the devices had no SIM card, featured a dual operating system - with the encrypted interface being hidden so as not to be detectable - and also had no camera or microphone, and lacked GPS and a USB port. The devices offered automatic deletion of all messages on a recipient's device as well as the ability to remotely erase all data, according to Europol.
"EncroChat phones were presented to customers as guaranteeing perfect anonymity," Europol says.
US Legislative Efforts
The arrests coordinated by Europol came just a few days after three U.S. senators introduced the Lawful Access to Encrypted Data Act that would require service providers and device manufacturers to provide assistance to law enforcement when access to encrypted devices or data is necessary after a warrant is obtained.
Vendors and privacy advocates have fought against such measures, arguing that the installation of any such backdoors could be abused by both criminals, unfriendly nation states, as well as law enforcement (see: Apple Blasts Judge's iPhone Backdoor Order).