On Tuesday, the Dutch police service announced the arrest of a man allegedly behind the sale of custom PGP smartphones and the seizure of the network allowing their use. The Dutch police claim in their statement that the devices are used “extensively” by criminals.
“Police today copied multiple servers in the Netherlands,” a translated version of the statement reads. “The arrested suspect is the owner of a company in Nijmegen [a Dutch town near the German border]. His company supplied customized smartphones and associated communications.” Toronto Police, which also worked on the investigation, additionally seized a server and mirrored information from it.
The Dutch police doesn’t point to any particular brand of smartphone, but the agency has investigated so-called PGP BlackBerrys in the past.
These devices come complete with an encrypted email feature and are advertised by a number of online vendors as being more suited for sensitive communications than standard models. These companies also typically provide server infrastructure to route the encrypted emails. As Motherboard previously reported, Dutch police have found a way to read encrypted messages on the devices using tools from forensics company Cellebrite. Court documents have shown that the Royal Canadian Mounted Police can also decrypt messages on PGP BlackBerrys once they have physical access to the device.
The devices have reportedly been used by organized criminal groups all over the world. In March 2014, ABC in Australia reported that encrypted BlackBerrys were linked to a murder of a Hells Angels biker. The Dutch announcement claims that the devices have also been associated with drug trafficking, and in January Motherboard reported on a Canadian kidnapping and assault case that heavily relied on such phones.
“By taking down the servers, the police probably secured the largest encrypted network of criminal[s] [in the] Netherlands,” the translated version of the press release continues, and adds that the 36-year-old man was arrested on suspicion of money laundering.
According to the announcement, 19,000 registrants who used the network have automatically been informed of the seizure, and the network is being investigated by the police. It’s unlikely all of those users will be criminals; the notice informs users that police are focusing on those suspected of serious crimes.
It’s not clear how the bust came about nor how the servers were identified. If messages transmitted using the servers were encrypted, it seems unlikely investigators would be able to read their contents (as they do not have physical access to the devices themselves), but metadata—such as information showing who contacted whom, and when—may be available.
“The data from the protected servers will be further analyzed and, where possible, used in ongoing investigations,” the police service writes.
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held cyber security researcher positions within a variety of cyber security start-ups. She also has experience in different industry domains like finance, healthcare and consumer products.