The police forensic department doesn’t wants to share how they hacked into secure encrypted phone networks to the court
A couple of months ago the French authorities detailed the operation of Operation Venetic, with which they managed to compromise the security of an account in the encrypted messaging application, allowing law enforcement agencies across Europe to collect the evidence needed to make more than 1500 arrests. After this incident, court hearings on this communications network were expected to start, although everything started after the defense asked the French government for more information on how the authorities accessed this network.
The defense mentions that this process of presenting evidence has been complicated because the prosecution does not have the necessary knowledge to understand the information contained in the documents related to the EncroChat hacking. Moreover, it is anticipated that this will be the defense main argument, which calls into question the legality and admissibility of evidence obtained from encrypted communications on this network.
The British authorities made hundreds of arrests thanks to information obtained from this operation, so the UK National Crime Agency (NCA) has recommended that courts prepare to receive at least 400 similar appeals.
Jonathan Kinnear, specialist in the Organized Crime Division of the Crown Prosecutor’s Office, mentions that the prosecution was already working to process requests from defense attorneys: “We have been working to respond to all these requests, analyzing the characteristics of the disclosure of this information that some consider to be a secret not subject to being presented as evidence.”
The defense is even raising new questions about the ability of the French authorities to break security on such platforms, even though police agencies in the Netherlands and Belgium recently claimed to have compromised the security of Sky ECC, another encrypted communications platform. In a joint report, the authorities of these countries claimed to have accessed more than one billion encrypted messages from this network, which would also have allowed multiple arrests to be made.
In addition to questioning these practices, the defense argued that the compromise of these files would constitute a violation of the fundamental rights of the accused.
Since the leaks revealed by former US National Security Agency (NSA) employee Edward Snowden, it is a well-known and well-documented fact that multi-country governments invest millions in developing tools and software capable of breaking security mechanisms in encrypted communication systems.
Internal documentation of the NSA has suggested that this agency has already achieved compromised at least one encrypted communication system, although there is no mention of the allegedly compromised platform. To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
Originally published at https://www.securitynewspaper.com on April 1, 2021.