The master stroke of Cyberendarms against the telephone network EncroChat should have significant legal implications in the entire Europe.
In a press release common, the Dutch and French authorities, under the leadership of the European agency Europol, have just announced the dismantling of an encrypted telephone network, EncroChat, very popular with criminal networks. The result of the Dutch police and French gendarmes is indeed impressive. The dismantling of this network has already boosted nearly 300 investigations in the Netherlands. The Batavian justice system thus got hold of 8 tonnes of cocaine, dismantled 19 synthetic drug laboratories and seized nearly 20 million euros.
French justice has given no figures. But she says the investigations have allowed the surveillance of communications from thousands of criminals, “Leading to the opening of numerous incidental procedures”. Elsewhere in Europe, the United Kingdom, Sweden and Norway, investigators have also had very good results on investigations related to drug trafficking or violent criminal activity.
INL at the cutting edge against EncroChat
A spectacular catch to be made, to a large extent, to the credit of French cyber-weapons. More precisely, it is the geeks geeks of Cergy-Pontoise who are to be credited for this remarkable work of investigation. It all started three years ago, when the high-tech gendarmes of the very pointed Electronic Computing Department (INL) of the Criminal Research Institute of the National Gendarmerie (IRCGN) noticed the use, by criminals, of phones using the EncroChat secure network. Justice will seize a few months later, the Center for combating digital crime (C3N), then headed by Colonel Jean-Dominique Nollet, to investigate this network.
According to the gendarmes, EncroChat phones cost around 1,000 euros each. Without camera, microphone, USB or GPS port, its designers praised its digital discretion. These phones also offered very interesting features for users wishing to cover their tracks. They range from automatic message deletion to a PIN code intended to delete all data on the device.
A sacred adversary for the gendarmes of the INL who then put themselves in battle order. This investigative work will lead to the Cerberus project. The investment in this decryption platform, of approximately 2.6 million euros funded by Europe, is paying off today. A sum necessary for example to acquire video cards. The gendarmes need it for their computational strength necessary for cracking passwords. However, there was no need in the case of EncroChat to do so.
Also read: French gendarmes offer decryption services to European police
The beautiful harvest of investigators
By delving into computer code, the authorities have indeed found a flaw in EncroChat. The encrypted communication solution is implemented from servers installed in France. But there is a flaw. “It was possible to set up a technical device allowing to circumvent the encryption and to have access to the correspondence of the users ”, say the authorities today. Clearly, they managed to hack EncroChat. Who is behind this performance? We ignore this information.
The press release specifies that the design of the technical device is covered by the secrecy of national defense. It can however be assumed that the geeks geeks of the INL department played an active role. On Twitter, the Gendarmerie reports that the C3N gendarmes have “Crack” EncroChat, without however specifying whether it is these soldiers who are at the origin of the malicious technical device. This is obviously more of a style formula than a direct attribution.
Finally, it is entirely possible that the gendarmes obtained outside assistance. The technical device used by the gendarmes actually calls for the capture of computer data. There is precisely a service under national jurisdiction, attached to the DGSI, responsible for this subject. His mission? Design, centralize and implement the technical provisions mentioned in articles 706-102-1, specifically the legal framework of the EncroChat operation.
Code name: Emma 95
Anyway, the harvest for the investigators is going to be good. So beautiful that it will take people. The gendarmes launch a task force: Emma 95. It has 60 gendarmes! A very large mobilization, very rare in a judicial investigation. Their job? Analyze the data and make numerous technical and judicial investigations. Today, nearly 2,000 procedural documents and 360 supporting documents. The national investigation cell is headed from the C3N. It also has the reinforcement of investigators from research sections and from the four central offices attached to the Gendarmerie (Oclaesp, OCLDI, OCLTI, OCLCH).
At European level, France and the Netherlands set up a joint investigation team on April 10, 2020. The latter will “Intercept, share and analyze millions of messages exchanged between criminals in order to plan serious crimes, indicates the joint communiqué of the police and judicial authorities. For the most part, these messages were read by the police in real time, without the knowledge of the senders.“
The fault discovered in mid-June
This effective intelligence work has led to concrete results. If we ignore the details of these operations, now carried out under the leadership of the Lille investigating judges, it is mentioned that violent attacks, attempted murders and drug trafficking have been hampered. This surveillance ended abruptly in mid-June. EncroChat discovers the flaw in its communication system exploited by the gendarmes. “We can no longer guarantee the security of our terminals because of the sophistication of the attack and the malicious code”, writes the organization. And to clarify, with a hint of steel, that this is an illegal attack by government entities.
The French gendarmes will respond maliciously to this shameless cheek. “Despite the findings relating to the criminal use of Encrochat terminals, the French authorities wish that users who say they are in good faith and who wish to have their personal data deleted from the legal proceedings can send their request to the service of ‘investigation, they write. Anyone presenting themselves as an officer, representative or administrator of the companies providing this service is invited to make themselves known and make their arguments known to the gendarmerie services at the following address: [email protected]. gouv.fr. ”
GT.
–
