Do Recent Cryptophone Sweeps Signal Supply-Chain Coup for ‘White Hats’?
Following the ransomware attack that paralyzed Miami-based IT management software firm Kaseya over Independence Day weekend and other recent supply-chain debacles, the Western cybersecurity...
Three global law-enforcement sweeps of encrypted phone networks over the last year have disrupted the underworld's communications IT supply chain.
The takedowns of EncroChat, Sky ECC, and Anom have collectively resulted in thousands of arrests, along with the seizure of multi-ton loads of narcotics valued in the billions of dollars, weapons, money, hard assets, and cryptocurrencies.
But do these operations amount to a white hat cyber-exploit that can rival recent black hat attacks against American companies like SolarWinds, Colonial Pipeline, and most recently, Kaseya?
This exclusive report dissects a media-restricted July EncroChat appellate judgment from the Manchester Crown Court, including expert witness testimony about the TTPs European investigators claim were used in the hack.
This report gathers insight from a wider variety of forensic specialists, privacy advocates, and clandestine security researchers to measure the effectiveness of the Encro, Sky, and Anom takedowns and explains the surveillance perils they portend for the innocent.
Besieged by increasingly severe supply-chain attacks, the Western cybersecurity community is on edge. Yet, three sensational law-enforcement takedowns of crime-linked, encrypted phone networks suggest the sword cuts both ways, as white hats are also PWNing communications networks favored by transnational organized crime with similar success.
This point was first raised in March by Black Hat hacker conference Review Board member Daniel Cuthbert in a since-deleted tweet following the publication of this journalist’s feature in the Diplomat that detailed “How Asian Drug-Trafficking Networks Operate in Europe”.
At the time, Cuthbert was responding to a speculative correlation made in the article linking the Sky ECC cryptophone dragnet, which was led by Belgian, Dutch, and French authorities, to the January arrest of Tse Chi Lop, the alleged billionaire kingpin of the Sam Gor Asia-Pacific drug cartel, after he was deported from Taiwan and forced to fly to Amsterdam’s Schiphol Airport.
Tse’s Dutch criminal defense lawyer, André Seebregts, said links to recent encrypted phone sweeps like Sky, EncroChat, and Anom “have thus far played no role in the limited scope of Tse’s extradition case,” which was orchestrated by the Australian Federal Police. Seebregts also said Tse “denies any involvement with the Sam Gor syndicate or any criminal organization.”
But the overall gist of Cuthbert’s tweet was that Western cyber-investigators don’t get enough credit for their supply-chain hacks. In cyber, supply-chain exploits entail the malicious compromise of a trusted piece of software or hardware at the source. “By compromising a single supplier,” writes Wired, “spies or saboteurs can hijack its distribution systems to turn any application they sell, any software update they push out, even the physical equipment they ship to customers, into Trojan horses.”