Undercover Infiltration of EncroChat Thwarts Thousands of Criminal Operations

August 07, 2020
encrochat v2

Last month, U.K. law enforcement struck at the heart of the nation’s criminal networks. Operating under the codename Operation Venetic, the National Crime Agency (NCA), regional organized crime units (ROCUs), and British police forces were able to dismantle some of the nation’s most notorious criminal networks by infiltrating the encrypted communications platform EncroChat. It is being heralded as “the broadest and deepest ever U.K. operation into serious organized crime.”

EncroChat first came to the attention of the French police force in 2017 after their discovery of customized untraceable mobile handsets during operations against organized criminal gangs. This resulted in the forming of an international taskforce, of which the NCA played a key role. Together, enforcement agencies shared technical expertise and intelligence to target the encrypted messaging system that was being used to coordinate and plot illegal activities.

Two months ago, there was a breakthrough; French and Dutch agencies infiltrated the encrypted network, gaining access to users’ communications, later sharing caches of harvested data via Europol to partners around the world. On June 13, realizing they had been penetrated by a public authority, the company shut down operations. Customers were warned to immediately discard their phones—but law enforcers were already poised to strike.

By cracking the bespoke encrypted global communication service, U.K. authorities began to unravel entire organized crime groups up and down the country. The shared intelligence packages helped NCA operational teams, ROCUs, Police Service of Northern Ireland, Police Scotland, Metropolitan Police, Border Force, the Prison Service, and HMRC launch and develop investigations, and target the highest-harm criminal groups.

Police monitored a hundred million encrypted messages and hundreds of thousands of images through the platform, resulting in 746 arrests and raids, seizing:

  • over £54 million in criminal cash;
  • 77 firearms, including an AK47 assault rifle, sub machine guns, handguns, four grenades;
  • over 1,800 rounds of ammunition;
  • more than two tons of Class A and B drugs;
  • over 28 million Etizolam pills (street Valium) from an illicit laboratory;
  • 55 high-value cars;
  • 73 luxury watches; and
  • 106 EncroChat handsets.

“The infiltration of this command and control communication platform for the U.K.’s criminal marketplace is like having an inside person in every top organized crime group in the country,” said NCA Director of Investigations Nikki Holland.

A specialist NCA team also prevented rival gangs from carrying out kidnappings and executions on U.K. streets. They successfully averted over 200 threats to life, and two allegedly corrupt police and law enforcement officials were revealed and arrested during the operation.

The perfect tool for organized crime

In early 2020, EncroChat was one of the largest providers of encrypted digital communications, boasting 60,000 users worldwide. Created in the Netherlands, the network and its associated handsets—while legal on their own—had mass appeal to lawbreakers, soaring in popularity in 2017 after police hacked into the PGP Blackberry server favored by many criminals.

It advertised perfect anonymity, even at the point of sale—described as “acquisition under conditions guaranteeing the absence of traceability.” Soon it controlled a “sizable chunk of communications infrastructure for organized crime,” taking over the market thanks to its product offering. With cryptotelephones that could be wiped remotely, provided dummy screens, and had no traces linking SIM cards or devices to users, it had mass appeal to criminals. Costing around £1,500 for a six-month contract, handsets also came equipped with self-destruct systems and a “panic password” to wipe data. If arrested, the owner could give an alternative password which, when put into the device, would delete its history.

According to Europol, a very high share of EncroChat’s users were engaged in criminal activity. Significant user hot spots were identified in source and destination countries for cocaine and cannabis trade as well as money laundering centers. It soon became a “major enabler of organized crime in the U.K.,” used by about 10,000 criminals in Britain. It underpinned the business models of large-scale illegal activity, enabling networks to coordinate their empires with ease. By infiltrating the platform, authorities gained firsthand insight into criminal dealings, including the importing and distributing of illegal goods, extortion, drug dealing, theft, assault, debt collection, acid attacks, firearms trafficking, turf wars, money laundering, and murder plots against rival criminals.

Working together

E.U. nations face increasing threats from organized crime. Their pervasive and highly adaptive nature has in turn morphed them into one of the more pressing security challenges faced by law enforcement and authorities. By cracking this encrypted communications platform facilitating criminal activities, lawmakers could simultaneously target organized crime groups from across Europe and get right at the heart of their operations.

This unprecedented breakthrough in the fight against serious and organized crime was only possible via intelligence sharing and cross-border collaboration. Europol provided extensive analytical and financial support, technical expertise, and a secure platform for countries to exchange information. Only by working together could they intercept, share, and analyze millions of messages exchanged between EncroChat users to orchestrate serious crimes across Europe, the Middle East, and beyond. By gaining real-time unique insight into perpetrators’ plans, authorities were poised to act, leading to arrests in the U.K., Norway, Sweden, France, and the Netherlands.

“The results have been outstanding, but this is just the start”

Despite the shutdown of EncroChat’s servers, Europol warned how this complex operation demonstrated the global scope of serious and organized crime. The investigation uncovered the worrying connectivity of criminal networks using advanced technologies to coordinate national and international lawbreaking. “The results have been outstanding, but this is just the start,” noted Holland, signaling that challenges lie ahead for those looking to tackle perpetrators. 

Nevertheless, the consequences of the operation “will continue to echo in criminal circles for many years to come.” The gleaned data is supporting hundreds of ongoing cases while simultaneously triggering numerous new investigations against organized crime around the world. It is hoped that other platforms on the market will become less attractive to criminals who may be wary of their use given the EncroChat breach. Furthermore, any improvement of cross-border communications channels between those upholding the law can only positively impact those taking a stand against organized crime. By successfully gaining unique and global insight into the scale and functioning of such networks, the learnings of this case will assist law enforcement to combat organized crime in the years to come.


Written by STOP: ILLEGAL

Share this link