Phone interceptions will enhance work of Garda
Decryption is ‘like having an inside person in every top crime group’
In the past decade, law enforcement has been engaged in a technological arms race with criminal gangs constantly trying to find ways of communicating without being spied on.
Irish gangland criminals, including the now Dubai-based Kinahan gang, have in the past primarily relied upon PGP (Pretty Good Privacy) phones to do business.
These devices, essentially heavily modified Blackberry phones, are almost impossible to break into without the proper code. As an added layer of security, the Kinahans were known to distribute new PGP phones, which cost about €1,500 each, to senior gang members every few weeks.
The devices proved so hard to crack that senior gardaí called for the introduction of new laws allowing investigators to demand passcodes from suspects on arrest.
As far as these devices are concerned, the only major intelligence victory recorded by gardaí was when one quick-thinking officer used his own phone to photograph a message on the PGP device of Imre Arakas immediately after the hitman’s arrest in 2017. Seconds later the message was remotely deleted, presumably by the person issuing orders to the Estonian to murder James “Mago” Gately.
Other than these rare intelligence coups, encrypted devices largely remained a black box for law enforcement agencies. However, a sophisticated operation led by French police, and revealed this week, has changed that dynamic.
The operation targeted Encrochat, a service which shares many of the same features as PGP but was viewed, until last month at least, as significantly more secure.
The phones, costing about €1,000 each, are Android devices, with the camera, microphone and GPS removed. Users must sign up for the secure messaging service at a cost of €1,500 every six months.
The devices can send only text and images, not calls. Such was the perceived impenetrability of the service, criminals used it with impunity to plan murders, send photographs of weapons consignments and negotiate large drug deals. French police estimated up to 90 per cent of the 60,000 users were criminals.
Then, in the middle of the pandemic, gangs started to notice more drug shipments than usual being seized and that their members were being arrested increasingly regularly.
In the Netherlands, police arrested 100 suspects, seized 8,000kg of cocaine and dozens of automatic weapons and shut 19 synthetic drug labs.
In the UK, the National Crime Agency (NCA) arrested 746 people and stopped 200 planned murders.
These developments can all be traced to a French-led operation to infiltrate and dismantle Encrochat using technology never previously employed. The French used Encrochat’s own network to upload a malware virus which intercepted and read the messages on the device before they could be encrypted and transmitted.
The infiltration began as far back as April, meaning millions of messages were intercepted. These were then filtered by the French and Dutch authorities and shared with police agencies across the EU.
The interceptions came to an end in mid-June when Encrochat realised its security had been breached.
It is difficult to overstate the impact of the infiltration.
“It was as though we were sitting at the table where criminals were chatting among themselves,” said Dutch police chief Jannine van den Berg.
A senior NCA official compared it to “having an inside person in every top organised crime group in the country”, adding that it was the “broadest and deepest-ever UK operation into serious organised crime”. In the UK, it has led to the arrests of police officers and officials, and seemingly legitimate businessmen.
The operation raises questions for privacy and civil liberties campaigners. Encrochat is a legal service and it is not a crime to own a device. The French say the seemingly indiscriminate nature of the interceptions is legal under French law but this will surely be tested once cases start coming to trial.
Authorities are still sifting through the data trove and many more operations are likely in the pipeline.
However, its impact on organised crime operations in Ireland remains to be seen. This week the Garda declined to answer questions, as did Europol, the agency that helped co-ordinate the operation. Senior gardaí have privately briefed that no arrests are expected in the immediate future on foot of the infiltration.
There has been an unmistakable rise in significant arrests and drugs seizures by gardaí in recent weeks.
If Encrochat was the source for some of these it would not be surprising if gardaí wanted to keep that fact quiet.
It is also tempting to speculate that Encrochat was on the mind of Assistant Garda Commissioner John O’Driscoll on Monday when he promised operations were in train to dismantle the Kinahan gang.
There have already been arrests north of the Border as a result of the breach where five people are in custody facing a total of 44 charges, including conspiracy to murder.
Information is being shared with the Garda. It is fair to say that, given the use of Encrochat by Irish criminals and the interconnected nature of modern organised crime, some of it is sure to prove useful.
In recent years, Garda units, including the Special Detective Unit, the Drugs and Organised Crime Bureau and the National Surveillance Unit, have quietly upgraded technology.
Most of this remains a closely guarded secret, but some fruits have been seen, including the conviction of nine men for planning the murder of Patrick “Patsy” Hutch in 2018, which depended heavily on electronic surveillance.
Given the relatively small size of the organisation, something like the Encrochat operation remains outside the Garda’s abilities, though there are efforts to bridge the gap.
According to a tendering document, the Garda Cyber Crime Bureau is seeking to spend about half a million euro on a “decryption suite” which will be used to break into “electronic devices, mobile phones and electronic files”.
Until now the bureau has mainly relied on off-the-shelf decryption technology to break into seized devices and extract evidence. “It is now considered a strategic imperative within this bureau that a robust decryption solution is available within the forensic process,” the document states.