EncroChat: Deciphering of the End-to-End Encryption Service Used by Criminals
Articles by the same author:
1
3
4
On 2 July, at a joint Europol and Eurojust press conference, the French Gendarmerie and the Dutch police announced that they had put an end to criminal networks by « neutralising » the end-to-end encryption of the EncroChat telephone network used by the latter. Beyond the technical prowess, this action led to the arrest of several hundred French, Dutch and British citizens, the seizure of drugs (more than 8,000 kilos of cocaine and 1,200 kilos of methamphetamine), the dismantling of 19 synthetic drug laboratories, the seizure of dozens of automatic weapons, of luxury watches, of 25 cars (some with hidden compartments), and of nearly 20 million euros in cash. More than 300 investigations could also be affected by rebound effect, including in Spain, Germany, and Norway,. If the result is impressive, it is the investigative technique that deserves special attention.
EncroChat is a Dutch company that offers encrypted telephone services for a subscription fee of more than 2,000 euros a year. It has about 60,000 clients, of which 90% related to criminal circles. The changes made by the company to the BQ Aquaris X2 smartphones are intended to prevent traceability of conversations and allow data to be erased in the event of an « emergency ». EncroChat’s intentions are clear in terms of the customers served and the alert messages sent to warn users of an intervention by government authorities.
The French Gendarmerie was entrusted with the case, since the company serves its global customers from the Lille region, in France. A « technical device » (covered by secrecy) has been designed to intercept and understand EncroChat’s secure telephone conversations, making it possible to capture more than one hundred million messages exchanged among criminal groups. The research work (CEREBUS project), carried out by the SCRC (Central Criminal Intelligence Service) and the INL (Electronic Informatics Department) of the IRCGN (Criminal Research Institute of the French Gendarmerie), was facilitated by European funding.
Several lessons can be learned from this exemplary investigation:
EncroChat will certainly be at the heart of the debates at the FIC 2021, as a living example of « collective and collaborative » cybersecurity!