Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing

        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing

        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing

        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing

        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training

        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing

        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review

        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention

        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise

        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle

        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

I'VE BEEN BREACHED

Hundreds Arrested After Encrypted Messaging Network Takeover

Hundreds Arrested After Encrypted Messaging Network Takeover

European law enforcement agencies arrested hundreds of suspects in several countries including France, Netherlands, the UK, Norway, and Sweden after infiltrating the EncroChat encrypted mobile communication network used by organized crime groups.

EncroChat phones used by international criminal networks around the world to exchange encrypted data and millions of messages came with dual operating systems (Android OS and the EncroChat OS).

They also provided users with self-destruct messages, panic and password wipe, Secure Boot, tamper-proofing, and a brute force resistant FIPS 140-2 certified hardware cryptographic engine. EncroChat devices could also be remotely erased by the reseller or helpdesk on customer notice.

EncroChat sold the cryptophones for roughly €1,000 each all over the world and customers could get six-month worldwide coverage subscriptions at a cost of €1,500 EUR with 24/7 support.

According to the UK National Crime Agency (NCA), EncroChat had roughly 60,000 users worldwide with 10,000 of them active only in the UK.

Organized crime groups takedown

The operation was a joint effort of French and Dutch law enforcement agencies and judicial authorities who were able to dismantle EncroChat with the assistance of Europol and Eurojust.

After infiltrating the EncroChat network, the joint investigation team (JIT) was able to “intercept, share and analyze millions of messages that were exchanged between criminals to plan serious crimes,” information that was examined by the Europol and shared with JIT partners the information exchange to concerned countries.”

“A large number of suspects have also been arrested in several countries which were not participating in the JIT but particularly affected by the illegal use of these phones by individuals active in organised crime, including in the UK, Sweden and Norway,” the Europol said.

“Many of these investigations were connected with international drug trafficking and violent criminal activities.”

The information has already been relevant in a large number of ongoing criminal investigations, resulting in the disruption of criminal activities including violent attacks, corruption, attempted murders and large-scale drug transports. Certain messages indicated plans to commit imminent violent crimes and triggered immediate action. The information will be further analysed as a source of unique insight, giving access to unprecedented volumes of new evidence to profoundly tackle organised criminal networks. – Europol

The joint operation, known in France as Emma 95 and as Lemont in the Netherlands, allowed law enforcement to monitor the communications between thousands of suspects and the rest of hundreds all over the EU.

In the Netherlands, “[t]he investigation has so far led to the arrest of 60 suspects, the seizure of drugs (more than 10 000 kilo cocaine, 70 kilo heroin, 12 000 kilo cannabis, 1 500 kilo crystal meth and 160 000 liter of a substance used to produce synthetic drugs), the dismantling of 19 synthetic drugs labs, the seizure of dozens of (automatic) fire weapons, expensive watches and 25 cars, including vehicles with hidden compartments, and almost EUR 20 million in cash.”

In the UK, the NCA, Regional Organised Crime Units (ROCUs), and police forces used the information provided by the JIT to arrest 746 suspects as part of UK’s biggest ever law enforcement operation dubbed Operation Venetic and seized:

  • Over £54 million in criminal cash
  • 77 firearms, including an AK47 assault rifle, submachine guns, handguns, four grenades, and over 1,800 rounds of ammunition
  • More than two tonnes of Class A and B drugs
  • Over 28 million Etizolam pills (street Valium) from an illicit laboratory
  • 55 high-value cars, and 73 luxury watches
Image: Europol

How EncroChat was dismantled

French Gendarmerie and judicial authorities started investigating EncroChat in 2017 after finding that these devices  — using French servers — were being regularly seized in operations targeting organized crime.

“Eventually, it was possible to put a technical device in place to go beyond the encryption technique and have access to the users’ correspondence,” the Europol explained.

In April 2020 a joint investigation team (JIT) was created between France and the Netherlands, with the support of Dutch and French Desks at Eurojust and Europol.

Coordination meetings following the JIT’s creation also involved other countries that weren’t JIT members, including Norway, Spain, Sweden, and the UK.

Also read: Free 8 Steps Checklist for Companies to Prevent Data Breach

Image: Europol

The operation ended on June 13, 2020, when the group behind the EncroChat network realized that the platform was infiltrated by law enforcement agents.

On that day, EncroChat sent a warning to all users advising them to urgently throw away their phones and proceeded to shut down the servers.

EMERGENCY FOR ENCRO USERS: Today, we had our domain seized illegally by government entities. They re-purposed our domain to launch a malware campaign against the carbon to weaken its security. Due to the level of sophisticaction of the attack and the malware code, we can no longer guarantee the security of your device. We took immediate action on our network by disabling connectivity to combat the attack. You are advised to power off and physically dispose of your device immediately. Period of compromise was about 30 minutes and the best we can ascertain was about 50% of the carbon devices in Europe (due to updater schedule). – Warning send to EncroChat users

“While the activities on EncroChat have been stopped, this complex operation shows the global scope of serious and organized crime and the connectivity of criminal networks who use advanced technologies to cooperate on a national and international level,” the Europol said.

“The effects of the operation will continue to echo in criminal circles for many years to come, as the information has been provided to hundreds of ongoing investigations and, at the same time, is triggering a very large number of new criminal investigations of organized crime across the European continent and beyond.”

Also read: Things to Know about the Spam Control Act (Singapore)

0 Comments

Let us help you out.

Grab your free consultation NOW!

Privacy Ninja

Data Protection​

Cybersecurity

Support

Company

Locations

Singapore

7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987

Thailand

The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand



email-icon
Facebook Twitter Linkedin Youtube

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
TALK TO US
×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

× Chat with us