20.5k unique visitors in the last 3 days

Taking the Fight to Encrypted Crime Networks: Why the ANOM Sting Is So Important

The FBI operated an encrypted messaging network for criminals, leading to over 800 arrests and major drug busts worldwide.

More than 800 arrests have been made worldwide following an operation that encouraged criminals to use an encrypted comms network operated by the US Federal Bureau of Investigation (FBI) with assistance from Australian law enforcement. Dubbed Operation Trojan Shield, the FBI’s plan was to distribute the ANOM encrypted messaging app to mafia and drugs gangs that have grown wary of using public networks that are likely to be surveilled. Undercover officers seeded the distribution of ANOM by persuading underworld figures including Australian fugitive and alleged drug trafficker Hakan Ayik to recommend the app to their criminal associates. The app then spread virally between criminals. The success of this strategy is partly illustrated by the FBI’s map of all the countries that had ANOM users as of last month (pictured above).

A US Department of Justice announcement described the ANOM sting as ‘an investigation like no other’.

…criminals sold more than 12,000 ANOM encrypted devices and services to more than 300 criminal syndicates operating in more than 100 countries, including Italian organized crime, Outlaw Motorcycle Gangs, and various international drug trafficking organizations…

…agents catalogued more than 27 million messages between users around the world who had their criminal discussions reviewed, recorded, and translated by the FBI, until the platform was taken down…

The users… openly discussed narcotics concealment methods, shipments of narcotics, money laundering, and… violent threats… Some users negotiated drug deals via these encrypted messages and sent pictures of drugs, in one instance hundreds of kilograms of cocaine concealed in shipments of pineapples and bananas, and in another instance, in cans of tuna…

Grand totals for the entire investigation include 800 arrests; and seizures of more than 8 tons of cocaine; 22 tons of marijuana; 2 tons of methamphetamine/amphetamine; six tons of precursor chemicals; 250 firearms; and more than $48 million in various worldwide currencies. Dozens of public corruption cases have been initiated over the course of the investigation. And, during the course of the investigation, more than 50 clandestine drug labs have been dismantled. One of the labs hit yesterday was one of the largest clandestine labs in German history.

Australian police said they had acted on 20 different ‘threats to kill’ whilst the Swedish Police Head of Intelligence said the operation led to the prevention of more than 10 murders. The execution of the sting saw over 9,000 police officers searching 700 locations around the world.

The sting was described as the ‘biggest ever law enforcement operation against encrypted communications’ by a Europol press release, though this description misses the point entirely. In this instance the police were not fighting encrypted comms, but using the promise of encrypted comms to lure criminals into using a network that was not actually secure.

I recently argued that police were losing the battle against encrypted comms based on the trends in the number of users identified each time a new criminal comms network is infiltrated and taken down. It is great that law enforcement bodies have proven to be far more intelligent than I could have appreciated. Trying to catch criminals after they set up an encrypted comms network is going to be increasingly problematic because the technology is widespread and there is no way to erase what people know about cryptography. Many governments have already imposed modifications to services provided by legitimate comms providers to ensure the police have back door access or to make it easier for law enforcement to decipher messages. Watering down encryption on legal networks is the reason why criminals are motivated to create their own networks, and nothing will prevent them from using the strongest possible encryption. This means the police are likely to end up playing an endless game of whack-a-mole if their only strategy is to infiltrate each criminal comms network that rises to replace the last network taken down.

Setting up a bogus encrypted network is a game changer for law enforcement. It means police are listening in to all the criminal activity on a network from its inception, their bogus network is displacing the rise of genuine criminal networks that would otherwise have been created to satisfy demand, and criminals now have reason to fear that any network they adopt may just be a front for a sophisticated police operation. The FBI and their peers deserve considerable praise for changing the rules so they could finally get ahead of the criminal’s game.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email