The EncroChat hack. Users of encrypted EncroPhones saw this message on their phones on June 16th and immediately feared the worst. The bulletin message read…
ENCROCHAT MALWARE BREACHED SYSTEMS
Important Security Notice Date Issued: 2020-06-12 Date Viewed: 2020-06-13
Today we had our domains seized illegally by government entities. They repurposed our domain to launch an attack to compromise carbon units.
With control of our domain, they managed to launch a malware campaign against the carbon to weaken its security.
Due to the level of sophistication of the attack and the malware code, we can no longer guarantee the security of your device. We took immediate action on our network by disabling connectivity to combat the attack.
You are advised to power off and physically dispose of your device immediately. Period of compromise was about 30 minutes and the best we can ascertain was about 50% of the carbon devices in Europe (due to the Updater schedule).
Why are Encrypted phones popular?
Encryption is popular with a number of industries, not just the criminal fraternity. There are many genuine reasons why someone wants to keep their affairs private. It could be for financial reasons, or because they are doing sensitive commercial work and are worried about industrial espionage.
And let’s not forget that WhatsApp and Facebook messenger is also encrypted messaging technologies.
What Is EncroChat
Encrochat was one of the world’s largest encrypted communications services. It was estimated to have 60,000 users across Europe, including 10,000 users in the UK. It is not entirely certain who operated Encrochat, although its servers were located in France.
The purpose of Encrochat was to provide a secure communications network where messages could not be easily intercepted. Encrochat attributed this need to a lack of privacy and human rights concerns, in a world where personal data can easily be tracked and traced.
Users were given a specially modified mobile device called an EncroPhone. This could not be used to make voice phone calls. Instead, it came pre-loaded with private messaging apps which could send text and picture messages to other Encrochat users.
Devices were hosted on Encrochat’s own servers. They also contained other security mechanisms, such as a burn facility, which allowed phone data to be erased remotely. Phone data would also be wiped unless a 15-digit passcode was entered correctly. The handsets operated via Wi-Fi signal, rather than mobile phone networks. It was also easy for users to disable features such as the camera, microphone and GPS.
These security measures made EncroPhones popular amongst celebrities, high net-worth individuals and – allegedly – organised criminal gangs, all of whom valued the secrecy and anonymity the platform provided.
So why was EncroChat singled out?
The hack by various Europe-wide law enforcement agencies was targeted at what is perceived as a network designed for criminals.
The UK’s National Crime Agency (NCA) said that the EncroChat network had been breached in April this year. It stated explicitly that the phones were mainly being used by criminals.
“The sole use was for coordinating and planning the distribution of illicit commodities, money laundering and plotting to kill rival criminals.”
“Unbeknown to users, the NCA and the police have been monitoring criminals every move since April,” an NCA spokesperson said.
It is the biggest and most significant operation of its kind in the UK.”
What Is The EncroChat Hack
In early June 2020, Encrochat users received a text message saying that their data was no longer secure. Users were advised to dispose of their EncroPhone immediately. The statement said their servers had been seized by ‘government entities’. Encrochat then took the decision to cease operations permanently.
It is thought that French authorities launched an investigation into Encrochat in 2017 after it was repeatedly linked to criminal activity. They then put a ‘technical device’ in place which allowed them to access Encrochat’s encrypted messages. This information was shared with law enforcement agencies across Europe, including the UK’s National Crime Agency (NCA). Codenamed Operation Venetic, authorities were ‘listening in’ on conversations between Encrochat users for months before the security breach was identified.
Nikki Holland, director of investigations at the NCA, said: “this is the broadest and deepest ever UK operation into serious organised crime.”
However, it is not entirely clear how the authorities infiltrated Encrochat’s servers. This may become vitally important later down the line. Encrochat claims their servers were ‘seized illegally’. If so, the data cannot be used as evidence in a court of law. Secure the services of EncroChat Solicitors.
So what has actually happened to alleged criminals who may have been using EncroChat services?
In Ireland, a man has already appeared in court on an alleged conspiracy to murder charges, firearms and drug offences. Much of the evidence is said to come from Encrochat communications.
It’s clear that up to 50% of Encrochats users may have had their communications intercepted. What it means to be charged with conspiracy to supply drugs means.
And according to https://omertadigital.com/ and an undisclosed source, it is alleged that the Government agents “spent 8 weeks reviewing communications. Armed with this data, users were located and arrested. The impact included a significant rise in seizures of contraband because communications had been monitored for weeks.”
So far reports indicate 746 arrests across the UK, including “high-value targets” and “iconic” fugitives who had previously escaped justice. The operation has also allegedly revealed the identities of an unknown number of corrupt police officers and employees in different law enforcement agencies.
The NCA has also confirmed that to date, £54 million in cash has been seized, along with 77 firearms and two tonnes of drugs. There have also been arrests in Holland, Norway, Sweden, Spain, France and Ireland. Also, a specialist NCA team, working closely with policing partners, has prevented rival gangs carrying out kidnappings and executions on the UK’s streets by successfully mitigating over 200 threats to life.
Will more arrest be made from the EncroChat evidence collected?
It is almost certain that more arrests will be made in the wake of the Encrochat hack. The NCA has said that it initially focused on intercepting serious crimes, including urgent cases such as murder and kidnappings. It is likely that further arrests will be made in the months and years to come, particularly in relation to ‘white collar’ or financial crime. In fact, it is thought that the NCA has shared information with HMRC, so there is likely to be action taken against those accused of tax evasion and other fiscal crimes. If this information its correct then you will be need good fraud Solicitors.
Dame Cressida Dick, the Metropolitan Police Commissioner, said: “this is just the beginning. We will be disrupting organised criminal networks as a result of these operations for weeks and months and possibly years to come.”
The NCA also said that any criminal who uses an encrypted phone should be “very, very worried.” Everyone will be looking to appoint EncroChat Solicitors.
Update: More Arrests Made From Operation Eternal 17th November 2020
Specialist officers have this morning made seven arrests and seized cash and a suspected firearm at addresses in east London and Essex.
The activity is linked to Operation Eternal, the Met’s investigation to counter the use of encrypted devices by criminals to avoid detection.
The warrants relate to an investigation into people who thought their criminality was hidden behind security devices to distribute messages and images in order to carry out their crimes.
As a result on the investigation on Tuesday, 17 November, police arrested a man on suspicion of directing the supply of drugs into east London and Essex between April and September 2020.
Also seized at the time of the arrest was a knife that is also suspected to be a stun-gun. The 52 year-old man [A] is currently being questioned by detectives and following the arrest, a residential property was searched in Liverpool
In addition, other addresses in east London and Essex, believed to be linked to the organised crime group, were searched today (18.11.2020) as police sought further evidence of drugs supply.
At an address in Havering, a 40-year-old man [B] was arrested on suspicion of possession of criminal property and cash, believed to be in excess of £100,000, was seized. (source)
What should you do if you are caught up in Operation Venetic? EncroChat Solicitors
Ashmans Solicitors are experienced criminal defence solicitors offering a nationwide service to anyone caught up in the EncroChat investigation codenamed Operation Venetic.
We have specialised expertise in the area of telecommunications and encryption evidence.
If you or anyone you know want a confidential discussion about defence strategies or are being interviewed by police because of the EncroChat hack, please get in touch. The earlier you do this, the more likely it is that the defence strategy can undermine any prosecution evidence or procedural errors.
Is this lawful?
There has since been a wave of search and arrest operations in the UK and Ireland, many of which are allegedly linked to encrypted phone evidence. This has left many wondering whether the police can lawfully breach encrypted communications – and if not, whether the evidence can be used to convict someone in court.
There are no straightforward answers to these questions. The laws surrounding the access of sensitive encrypted data are complex. The police will likely argue they had authorised clearance to access an encrypted mobile device, as has happened following the Encrochat hack. However, there may still have been a breach of the rules. It all depends on the circumstances.
Is it illegal to own a EncroPhone
If you have an encrypted phone, this might leave you fearful that you, too, will soon be facing arrest. However, it is not actually illegal to own an EncroPhone, or any other encrypted device. After all, the popular messaging app WhatsApp uses end-to-end encryption. Also, EncroPhones were originally intended for military use. Currently, there is no suggestion that Encrochat has done anything wrong. Rather, authorities are concerned with the content of any messages that you have sent and received.
What are the potential offences relating to encrypted phones?
You cannot be charged with a criminal offence for owning an encrypted phone. However, if the authorities intercept messages that implicate you in a crime, you could face legal action. The NCA has already said that Encrochat users have been linked to serious offences such as murder, money laundering and threats to life. There is also speculation that the service was used by organised crime groups involved in drugs offences and financial crimes.
As mentioned above, the authorities managed to access Encrochat’s servers, allowing them to read private messages between users. Anyone who sent or received a message in relation to a criminal offence (whether already committed or planned) may well come under investigation. This has already led to scores of arrests, with many more expected.
What happens if I’m arrested and I had an Encrochat phone?
You will not be arrested simply because you had an Encrochat phone. However, if the police suspect that you are involved in criminal activity as a result of communications intercepted during the Encrochat hack, it is vital that you get immediate legal advice. You may come under investigation long before you are actually arrested. You should appoint a criminal defence solicitor as soon as you think you are under investigation.
A criminal defence solicitor can advise how best to handle the situation. It is important that you do not answer any police questions without your legal representative present. If you are arrested, then you must be told the grounds for your arrest. You and your solicitor must also be allowed to see documents and records relating to your arrest. This will provide more clarity as to the information the police have regarding your alleged criminal behaviour.
What happens next depends on the circumstances of your case. You will likely be released under investigation (RUI). This means that the police want to gather more information regarding your alleged criminal activity. Charges have not yet been laid, but you are still a suspect. You may also be released on bail/conditional bail. If you are charged, you will either be remanded in custody or released pending a hearing at the Magistrate’s Court. Secure the services of solicitors that deal with digital evidence.
Do I have to disclose my phone PIN to the police?
If you have been served with a section 49 notice, then you must give police your PIN number or any other password or code that would enable them access to your data. This mechanism is available to the police under the Regulation of Investigatory Powers Act 2002 (RIPA). A failure to comply with a section notice 49 can result in a two-year prison sentence. Do I have to give the police my phone password without a section notice 49?
You do not have to disclose your PIN number to police unless you have been served with a section 49 notice. However, the police can seize your possessions as part of a criminal investigation, including your mobile phone, laptop and other electronic devices. These can be sent to experts for testing. Of course if your phone has already been hacked then they probably don’t need your PIN number anyway.
Can I defend a charge relating to an encrypted phone?
If you have been charged with a criminal offence, you are entitled to Advance a defence. If the alleged offence related to encrypted data, there is always the chance that the police have misinterpreted your messages or falsely accused you of wrongdoing.
The Encrochat hack also raises complex legal questions regarding the legality of the evidence seized by the authorities. Indeed, the prosecution will likely rely on the messages intercepted during the Encrochat hack to prove your guilt. In criminal cases, this must be proved beyond reasonable doubt. But thanks to the secrecy of Operation Venetic, there is uncertainty as to whether this evidence was legally obtained. This could lead to various legal challenges.
What are the legal challenges to the Encrochat hack?
Encrochat has suggested that their servers were seized illegally. If so, it will be possible to argue that the data cannot be used as evidence, on account of the fact that it was illegally, unfairly or improperly obtained. The law states that if ‘the admission of evidence would have such an adverse effect on the fairness of the proceedings’ then the court ‘ought not to admit it’. If the evidence is deemed inadmissible, it cannot be used against you. This may leave the prosecution very little to work with, meaning the case against you has little prospect of success.
There are circumstances in which evidence that is illegally obtained can be used in a criminal trial. This is permitted under section 56 of the Investigatory Powers Act 2016. However, these are very limited.
Abuse of process
There may also be grounds to argue abuse of process. This is when it would be impossible for you to receive a fair trial. In Encrochat cases, this would arise due to the way in which evidence was gathered. If the court agrees that there has been an abuse of process, the proceedings will be stopped. This is known as a ‘stay’ and will either be temporary or permanent.
Furthermore, questions will be raised as to whether the European Convention on Human Rights has been breached, which protects the right to respect for private life. This includes private messages and protects the public from unlawful surveillance.
These are the types of legal challenges that will be raised in the coming months, as Encrochat cases work their way through the courts system. At Ashmans Solicitors, our criminal defence solicitors will stay abreast of any new developments, applying the relevant case law to achieve a successful outcome on behalf of our clients.
Evidence inadmissible in court
Even if the court does not stay proceedings, it may be possible to argue that the evidence is inadmissible instead. Your criminal law solicitor will say that the evidence was illegally, unfairly or improperly obtained, meaning it cannot be relied upon in court. If the judge agrees, the evidence must be struck out and cannot be used against you.
Often, this serves to detail the prosecution’s case entirely. The evidence may be damning, or it may be ambiguous. Either way, if police breached the relevant codes of practice, or indeed breached your human rights, the evidence must be ruled as inadmissible.
What sentences could I face for offences relating to Encrochat?
If Encrochat evidence is relevant to your case, and you are found guilty, it is difficult to say what sentence you would receive. It all depends on the nature of the offence. The judge will take other factors into account when sentencing you. This including mitigating factors that will help to reduce your sentence, such as good character references and genuine remorse. It also includes aggravating factors that will work against you, such as being the ring-leader of an organised criminal gang.
Is owning an EncroPhone an aggravating factor?
The use of an encrypted device, such as an EncroPhone, may be deemed an aggravating factor by the courts. If you used an EncroPhone to organise or conduct criminal activity, you may face a harsher sentence. This is because the use of an encrypted device indicates sophisticated and planned criminal behaviour.
What are the future consequences of the Encrochat hack?
There have already been some high-profile arrests following the Encrochat hack. In Northern Ireland, for example, Michael O’Loughlin has been arrested for conspiracy to murder and other serious offences. The court was told that the evidence against him was obtained through “legal authorisation that allowed access to…encrypted mobile phone content.”
No doubt further arrests will happen in the immediate future. However, it remains to be seen whether evidence seized as a result of the Encrochat hack will be permitted in court. The legality of it is yet to be tested. Our criminal defence solicitors will certainly be challenging the actions of the authorities and requesting that any Encrochat evidence be excluded.
Our criminal defence solicitors
If you have any concerns about the Encrochat hack, please contact our criminal defence solicitors for advice. We defend those who have been accused of criminal activity and will represent you throughout proceedings. This includes free legal representation at a police station.
At specialists in criminal law, we know how to mount a challenge to any evidence linked to the Encrochat hack and can successfully defend the allegations made against you.
Make an enquiry
For a free initial enquiry, call us on 0333 009 6275. We are available to take your call 24 hours a day, 7 days a week.
What should you do if you are caught up in Operation Venetic?
Call us straight away even if you haven’t yet been approached by a law enforcement agency. Ashmans Solicitors are experienced criminal defence solicitors offering a nationwide service to anyone caught up in the EncroChat investigation codenamed Operation Venetic.
Encrochat Hack: Can Illegally Obtained Evidence Be Used Against You?
There are no straightforward answers to these questions. The laws surrounding the access of sensitive encrypted data are complex. The police will likely argue they had authorised clearance to access an encrypted mobile device, as has happened following the Encrochat hack. However, there may still have been a breach of the rules. It all depends on the circumstances. Call Us Now
Will the evidence on my EncroChat device be admissible in court ?
Even if the court does not stay proceedings, it may be possible to argue that the evidence is inadmissible
Are encrypted phones illegal?
No they are not illegal in themselves. Some users simply use encrypted phones for privacy reasons. However the use of an encrypted phone is said to be the hallmark of a high level criminality, and clearly it is illegal to organise criminality on a encrypted handset just as it would be to do so on a normal handset.