Are Encrypted Communications Apps used for Crime Operations? | SaltDNA

Are Encrypted Communications Apps used for Crime Operations?

19/08/2020 | Nicole Allen

Police have successfully infiltrated some of the biggest criminal markets on the dark web - but it’s pushing criminals into using encrypted apps which the police struggle to crack.

Police have successfully infiltrated some of the biggest criminal markets on the dark web - but it’s pushing criminals into using encrypted apps which the police struggle to crack. Criminals are increasingly using encrypted apps to peddle unsavourished and illegal content.

An investigation by the BBC's File on 4 radio programme found that these encrypted apps take over from the dark web, as the venue of choice for criminal content exchanges. Dark web drug traffickers take to popular encryption apps to sell their items, sometimes using street vandalism to promote user profiles, and computer bots to communicate with customers. Traditionally, law enforcement has been able to request lawful interception of telco networks, which involves a wiretap listening into the device and capturing that data. The challenge with end-to-end encryption, of course, is that they can request that data, but the data will come back scrambled.

Shifts to illegal electronic transactions

Originally transactions would have been carried out face to face. However, there has been a shift towards electronic transactions. The shift follows a crackdown on illegal electronic transactions, coupled with the advent of security in applications to keep consumers anonymous. Cyber analysts have noticed this growing phenomenon in the criminal underworld, distinguishing the inventive methods used by gangs to escape police surveillance.

Hackers who have breached networks through a particular app clarified how programmed bots are used to connect with consumers – for ease as well as to defer liability. To market the services to prospective clients, the researcher posted photographs of the channel titles spray-painted on walls outside transit hubs and other public locations.

The use of "death drops" to deliver the product is another big shift in the way these drug traffickers work. Many dealers now have scrapped their old ways of face-to-face meetings, which avoids the risk of tracking or intercepting drugs through the postal system. They now place goods in locations that are publicly accessible, such as beaches, until the address is sent to the buyer only after the order has been completed. Semi-anonymous tokens such as bitcoin allow the transfers to be smoother in comparison to their previous dealings.

The drop gangs were first identified to function in Ukraine, but have since been found in Russia, the Balkans and much of Central and Eastern Europe. Europol Special Advisor Rik Ferguson points to end-to-end encryption and restricted identification checks which make gangs attractive for apps like Telegram.

Given the prevalence of drop gangs and the authorities' difficulty in monitoring and preventing them, security analysts caution that it will be risky to push applications.

The challenge for Law Enforcement

The proliferation of new apps is what’s proving most challenging to law enforcement. It’s staying ahead, it’s knowing what is the next platform that they have to be on and we live in unprecedented times. We live in a world now where countries are used to - for many hundreds of years certainly, possibly thousands - having national sovereignty and having jurisdiction over what goes on in their country. However, the internet isn’t built like that and the apps that run on the internet are global in nature. It is a human, ethical and philosophical challenge as much as it is a legal one.

However, the months before July 2020 police managed to secretly take over a global phone network for organised crime. Police were able to monitor a hundred million encrypted messages sent via Encrochat, a network used by career criminals in order to discuss drug deals, murders and extortion plots.

Only now is the operation's incredible scope coming into focus: it constitutes one of the biggest law enforcement infiltrations ever utilised by offenders in a messaging network, with Encrochat members extending across Europe and around the world. The messages "have given insight into an unprecedented large number of serious crimes, including large, international drug shipments and drug labs, murders, thrashing robberies, extortions, robberies, grave assaults and hostage takings. International drug and money laundering corridors have become crystal clear," Dutch law enforcement said.

Encrochat claims on one of its associated websites that it is a "end-to-end encryption tool" that can "guarantee privacy," and that chatting with Encrochat is "the online equivalent of a daily conversation between two individuals in an empty room" for "worry free communication." Already other firms that have been found to be advertising to old clients of Encrochat as other encrypted telecommunications companies are trying to fill the void left by Encrochat.

How SaltDNA’s platform prevents crime operations

With a focus on secure enterprise communications, SaltDNA's opinion on providing encryption services to private citizens is irrelevant. SaltDNA is not a consumer offering, and will only provide access to our solution to qualified, reputable enterprises and organisations.

SaltDNA also does not allow users to join the system without an invite. All users require an invite to gain access to the SaltDNA app and the organisation will go through a selection process in order to prevent criminals from using the app and to ensure the users legitimacy. Once the user(s) has access to the app they are able to have encrypted communications between mobile devices with full, centralised control for the enterprise. The product provides secure voice, messaging, conference calling and image/file transfer for busy professionals, who need to make important decisions while on the move.

SaltDNA’s platform uses an encryption mixture using multiple encryption algorithms for maximum security. While encryption alone is not enough, it is still of paramount importance in an enterprise-grade secure mobile communications platform. SaltDNA works with a number of large government clients across the globe who understand the importance of having full control over their sensitive communications. Public leaks would damage the reputation of their organisation and in some cases may affect the safety of their staff and population. Mobile communications present major privacy challenges within government bodies. With the increase in reported hacking activities government officials have to ensure that they protect their communications from mobile interception and cyber attacks. Our platform is strengthening the security of the world's communications in order to prevent crime operations from happening in the first place.

If you have any questions about this article or you are a part of an official organisation who would like to trial the system, please contact us on info@saltdna.com and we'd be happy to assist you in any way.

About SaltDNA

SaltDNA is a multi-award winning cyber security company providing a fully enterprise-managed software solution giving absolute privacy in mobile communications. It is easy to deploy and uses multi-layered encryption techniques to meet the highest of security standards. SaltDNA offers ‘Peace of Mind’ for Organisations who value their privacy, by giving them complete control and secure communications, to protect their trusted relationships and stay safe. SaltDNA is headquartered in Belfast, N. Ireland, for more information visit our website.