Since at least the 1990s, U.S. federal officials have publicly worried that encrypted communications give aid to terrorists and criminals. More often than not they have, to some degree, been right.
In the early 2000s, Los Zetas, the infamous Mexican cartel, actually created their own military-grade encrypted radio network, which they used to mask the movements of their narco-trafficking supply chain. Around the same time, al Qaeda and other terrorist Mujahideen groups began using self-engineered encryption software in the hopes of avoiding the all-seeing eye of America’s national security state.
Other criminal groups quickly followed suit and, today, the need for “dark” capabilities has given rise to companies that intentionally court and sell exclusively to underworld clientele. These firms, which allegedly go to great lengths to protect their customers, appear to have a short life span, however: In the last few years, a number of prominent encryption platforms and other technologies have been infiltrated and dismantled by law enforcement — with the most recent example occurring just a week ago.
Last Tuesday, the U.S.Department of Justice announced “Trojan Shield,” a bold, over-the-top law enforcement operation. In it, the FBI used a high-level criminal informant to co-opt and then run an encrypted chat platform, called ANOM, designed specifically for transnational criminal organisations. Rather than infiltrate an existing platform, the feds had decided to create and operate their own. When drug traffickers and money launderers flocked to ANOM, the FBI and other authorities were waiting, ready to intercept and study all of the communications the crooks offered up. It was the honeypot to end all honeypots — a baited trap on a global scale.
Certainly, the short-term payoff from the operation has been overwhelming: all last week, governments throughout the world continued a parade of hundreds of arrests, with police holding press conferences and gleefully trotting out indictments related to the operation. Alleged biker gangs, Italian crime families, drug traffickers throughout the world were all ensnared. In the U.S., the Justice Department indicted 17 people allegedly involved in “managing” ANOM (despite the FBI’s secret role), arresting a majority of them. The operation has also revealed a deluge of intelligence about the ways in which international criminal syndicates operate, which will doubtlessly help inform future investigations targeted against such groups.
And yet, one of the operation’s long-term goals, as stated by police, seems elusive — if not quixotic. “We aim to shatter any confidence in the hardened encrypted device industry with our indictment and announcement that this platform was run by the FBI,” said Acting U.S. Attorney Randy Grossman during a press conference last week. Similarly, Suzanne Turner, the special agent in charge of the FBI’s San Diego Field Office, said that this should be considered a “warning” to criminals. “[Those] who believe they are operating under an encrypted cloak of secrecy, your communications are not secure,” Turner said. She later added that the operation would hopefully “keep criminals guessing” as to whether a platform was a legitimate business or one secretly run by the feds.
Grossman and Turner’s statements mark a turning point in a decades-long effort by the U.S. government to undermine encrypted communication, which has proliferated into the mainstream in recent years, from Signal to iMessage, WhatsApp to Google Messages. If the cops can’t break encrypted technologies, they’ll break our confidence in them instead — even if it means crossing the line themselves.
“Encrypted messaging apps are pretty much untouchable by law enforcement,” James A. Lewis, a security professional with the Centre for Strategic and International Studies, who has studied the issue for years, said in a phone interview.
“People used to speak by air-conditioners, or go for a walk in the park,” he said, referencing Godfather-type scenarios, in which criminals would sneak around to avoid wiretapping. Now, he said, everybody, including the mafia, has a smartphone in their pocket. Thus, the temptation to rely on such easy methods of communication is strong. “It’s just a general shift to relying on messaging,” he said. “Criminals have moved with the rest of the population.”
The companies that have preceded ANOM — many of which were infiltrated and dismantled by cops — worked hard to conceal their activities, which were done in the service of criminal ecosystems centred around drug dealing and murder, government officials have argued.
For instance, Phantom Secure, a now-defunct phone company that offered modified, encrypted Blackberry and Android devices, reportedly sold a majority of its services to Mexican drug cartels, which used the devices to communicate with underlings and strategise narcotics shipments. Two other platforms that were recently taken down by police — Sky Global and EncroChat — allegedly functioned in very much the same way.
Similarly, the devices used by the kind of groups ensnared in “Trojan Shield” are far different than your average “civilian” encrypted chat app like Signal or WhatsApp, both of which are end-to-end encrypted, meaning only the sender and recipient have access to any conversations. Most often, they are modified phones that have had the GPS, mic, and camera capabilities disabled, and include a specialised encrypted chat app that functions on a “closed loop” with other devices specifically designed to communicate with each other.
On top of this, the government claims companies that sell such devices will often offer covert protection to their customers — helping to remotely wipe the contents of phones if they are confiscated by police. With all of these benefits, criminals have little incentive to give up these types of services because they are simply too useful to their operations.
“A lot of the encryption is un-hackable,” Lewis said. “If you can get access to the device then your chances are better, but if you are just intercepting traffic, it can be exceptionally difficult — maybe even impossible [to hack it].”
That unbridgeable impasse is partially why the FBI and other federal agencies have spent the last 30 years waging a slow-motion campaign against the use of encryption. During the first so-called “Crypto Wars” in the 1990s, national security politicos in the Clinton administration argued that the proliferation of encryption technologies worldwide would effectively create a force-field around corruption. Ever since then, federal officials have, in one way or another, aggressively pursued a workaround for the technology, often employing strategies that threatened civil liberties and treated Americans’ privacy as an afterthought.
This has gone through a number of different iterations. When the ‘90s lobbying to halt encryption’s export didn’t work, the feds quickly turned to a different strategy: lobbying the private sector to install backdoors in their encrypted networks so that the FBI could enjoy intimate access to Americans’ protected communications. Beginning in the mid-2000s, the Justice Department and the FBI went on a charm offensive — trying to explain to Congress and the American people why it really needed to do this. That campaign has lasted for years, with ongoing lobbying by the FBI director continuing to the present moment.
With “Trojan Shield,” it really seems like a whole new tactic in the government’s ongoing battle against encryption, but one that is far more psychological than legal. Here, the bureau seems to be attempting to shake overall confidence in encrypted platforms — inspiring doubt over whether those communications are really secure or just a giant honeypot with an FBI agent lingering in the rearview. In so doing, they’re basically trying to undermine a technology that serves as one of the few protections for everyday people’s privacy in a world intentionally designed to eviscerate it.
Jennifer Lynch, the surveillance litigation director at the Electronic Frontier Foundation, said that the recent operation was concerning — adding that she doubted the FBI even had the legal authority in the U.S. to carry out “Trojan Shield,” which is probably why it was partnered with “more than 100 countries,” according to the DOJ.
“We still don’t know a lot about how this investigation occurred and how all of the data-sharing transpired among the different countries that were involved,” Lynch said in a phone interview. What we do know, however, is concerning enough. “The FBI said that they geo-fenced communications of Americans. That says to me that even the FBI doesn’t believe they have legal authority under the Fourth Amendment or our federal wiretapping act to do what they did.”
Extrapolating on that point, Lynch noted the bureau’s partnership with Australia, which recently passed the TOLA Act. The law allows the Australian government to compel private companies and technologists to reengineer software and products so that they can be used to spy on users. Australia’s laws also allow for extensive wiretapping, ones that far outstrip the ones available in the U.S., Lynch said.
“Basically, the FBI is laundering its surveillance through another country,” she said.
Alternately, Lewis argues that the challenges posed by encryption force law enforcement to get creative with how they combat the increasing use of the technology by criminal groups.
“You have to get a subpoena, you have to get the company to cooperate,” said Lewis, explaining the current restrictions when police try to investigate malfeasance via encrypted chat platforms. “The company won’t — in many cases — have access to the unencrypted data. That’s where something like this becomes attractive [to criminals].”
Even with high-powered entities like the U.S. National Security Agency, the data they intercept won’t necessarily be useful in traditional law enforcement investigations, he said. “The NSA is not in the law enforcement business,” he said. “They’re not collecting evidence. So even in the cases where they have intercepted traffic, it could not be used in court,” said Lewis. “So you’ve got technology problems and legal problems.”
If the operation has seeded doubt about the security of the platforms for criminal use, then it’s done its job, he argues.
“It’s certainly planted a seed of doubt in their minds,” he said, of the criminals. “Uncertainty really helps. It means they’ll want to do more face-to-face meetings or something else other than talk on the phone,” which may make them easier to catch, he said.
Of course, the FBI plants seeds of doubt by chucking handfuls of the stuff at everyone within earshot — it’s not just criminals who will fear that someone’s reading every text, it’s all of us. And for Lynch, that’s an injustice.
“I think that what the FBI did is highly suspect,” she said, “and I think that we should all be concerned about it — because it makes us question the privacy and security of our communications.”