FBI Supplied Encrypted Comms to Criminal Networks

A massive sting operation has been revealed.

New York Times (“The Criminals Thought the Devices Were Secure. But the Seller Was the F.B.I.”):

The cellphones, procured on the black market, performed a single function hidden behind a calculator app: sending encrypted messages and photos.

For years, organized crime figures around the globe relied on the devices to orchestrate international drug shipments, coordinate the trafficking of arms and explosives, and discuss contract killings, law enforcement officials said. Users trusted the devices’ security so much that they often laid out their plans not in code, but in plain language, mentioning specific smuggling vessels and drop-off points.

Unbeknown to them, however, the entire network was actually a sophisticated sting run by the F.B.I., in coordination with the Australian police.

Quite a few sting operations strike me as entrapment, arresting people for “plots” that wouldn’t have existed absent enticement from law enforcement. But this was an incredibly complex targeting of existing organized crime networks across the globe.

On Tuesday, global law enforcement officials revealed the unprecedented scope of the three-year operation, saying they had intercepted over 20 million messages in 45 languages, and arrested at least 800 people, most of them in the past two days, in more than a dozen countries. Using the messages, U.S. court papers say, the authorities have opened a barrage of international investigations into drug trafficking, money laundering and “high-level public corruption.”

The operation, code-named Trojan Shield, represented a breakthrough for law enforcement, which has struggled in recent years to penetrate the increasingly high-tech covert communications of criminals. Although the authorities have cracked or shut down encrypted platforms in the past — such as one called EncroChat that the police in Europe successfully hacked — this is the first known instance in which officials have controlled an entire encrypted network from its inception.

Europol, the European police agency, described the effort as “one of the largest and most sophisticated law enforcement operations to date in the fight against encrypted criminal activities.”

“Countless spinoff operations will be carried out in the weeks to come,” Europol said in a statement. American law enforcement officials announced further arrests in a federal racketeering indictment unsealed on Tuesday.

In Australia, the effort ensnared domestic and international organized crime groups and outlaw motorcycle gangs, with more than 200 people arrested, officials said. In Sweden, the police arrested 155 people on suspicion of serious crimes and prevented the killing of 10 people, the authorities said in a statement. The operation also targeted Italian organized crime and international drug trafficking organizations, and hundreds more people were arrested in Europe.

“We have been in the back pockets of organized crime,” Reece Kershaw, the commissioner of the Australian Federal Police, said on Tuesday.

The backstory is interesting as well:

The F.B.I.’s operation, according to court documents that the Justice Department unsealed on Monday, had its origins in early 2018 after the bureau dismantled a Canadian-based encryption service called Phantom Secure. That company, officials said, supplied encrypted cellphones to drug gangs, like Mexico’s Sinaloa cartel, and other criminal groups.

Seeing a void in the underground market, the F.B.I. recruited a former Phantom Secure distributor who had been developing a new encrypted communications system called Anom. The informant agreed to work for the F.B.I. and let the bureau control the network for the possibility of a reduced prison sentence, according to the court documents. The F.B.I. paid the informant $120,000, the documents said.

That’s a pretty good return on investment.

As to the obvious question of why spill the beans now:

Australian officials said they had revealed the operation on Tuesday because of the need to disrupt dangerous plots currently in motion and because of limited time frames for legal authorities invoked to intercept the communications.

Investigators also had pulled the plug on the Anom network because their wiretap authorizations were coming up for renewal and the sting had already gathered so much evidence, said Suzanne Turner, the special agent in charge of the F.B.I.’s San Diego office.

Whether this makes any longer-term dent in transnational criminal organizations remains to be seen. But one imagines it will make trusting in the effectiveness of encrypted communications more difficult.

FILED UNDER: Crime, Policing
James Joyner
About James Joyner
James Joyner is Professor and Department Head of Security Studies at Marine Corps University's Command and Staff College. He's a former Army officer and Desert Storm veteran. Views expressed here are his own. Follow James on Twitter @DrJJoyner.


  1. Scott says:

    “Military secrets are the most fleeting of all” – Spock, S3E2, TOS.

  2. Barry says:

    @Scott: OTOH, assuming that the FBI and other agencies are not stupid, this is one among many, and they’ve got a dozen others in start-up mode.

  3. Jay L Gischer says:

    I’m wondering why these guys don’t use … I think it’s SnapChat that’s the favorite of Roger Stone because it’s encrypted, end-to-end?

    SnapChat doesn’t have the key, so it can’t provide unencrypted versions of comms under subpoena. So either Roger Stone is an idiot, or they are?

    I have no idea which way to bet on that.

  4. EddieInCA says:

    @Jay L Gischer:

    It’s “Whatsapp” that is secure end to end. But Facebook purchased it, so who knows how long they’ll keep the encryption.