Mason Wilder, CFE, ACFE Sr. Research Specialist, and Mandy Moody, CFE, ACFE Communications Manager, discuss the “sting of the century.” Operation Trojan Shield was a collaboration between the U.S. FBI and DEA, the Swedish and Australian police, and other global agencies to infiltrate an encrypted chat platform. The operation led to 800 arrests, seizures of drugs and firearms, and an ongoing list of money laundering revelations.
In the excerpt below from the full transcript of episode 110, Mandy and Mason discuss the technology that was used to discover and “overhear” the illegal activity. Download the full transcript in PDF form or listen to the episode at the bottom of this post.
Mandy: Hold on, I’m going to stop you right there. Explain, just for everybody listening, what an encrypted device is.
Mason: There’s a great deal of demand within criminal organizations and just worldwide organized crime for devices that are safe to use without fearing that law enforcement is going to be eavesdropping and spying on you. There have been several companies that have either modified existing smartphones or developed their own hardware that run encrypted communications networks that work like either email or chat and messaging platforms. The device is encrypted; the traffic is encrypted. They’re only sold on the black market through word of mouth.
Criminals get to not using any kind of euphemisms and speak frankly about exactly what they’re doing and how they’re doing it and where they’re doing it and when they’re doing it supposedly without fear of law enforcement spying on that.
Mandy: They can safely conduct criminal activity?
Mason: Yes, theoretically. That’s the sell for the organized criminals, but this was not the case with this one. The FBI basically created their own platform and got this guy to help distribute the devices, and then every single message or email that was sent, basically you were going to BCC someone on an email, it created a copy of every single message and sent it to a server in a different country. Then the Australian Federal Police would go through all those messages, send the highlights to the FBI and other international law enforcement agencies a couple of times a week.
A couple of years later, there’s been 800 arrests. They sold almost 12,000 of the devices to people linked to more than 300 organizations in more than 100 countries. They’ve got 27 million messages or so that they intercepted to analyze and learn more about the inner workings of all these criminal organizations.
Mandy: I’ll give a few stats here. You just said more than 800 arrests and the seizure of over 8 tons of cocaine, 22 tons of cannabis, 2 tons of synthetic drugs, 6 tons of other synthetic drug precursors, 250 firearms, 55 luxury vehicles, and over 48 million in worldwide currencies and cryptocurrencies, 16 countries, and more than 700 house breaches. That was a lot.
Mason: Yes, and it’s clear not only from the reporting, but actually the FBI revealing it as well, this was primarily targeting drug trafficking. It was an operation from the Organized Crime Drug Enforcement Task Force, and they were keying in on international drug distribution networks.
Mandy: As far as the encrypted communication that they did use and the data that they had, any insight into how they even went about combing through all that data?
Mason: There’s some software that you can use for link analysis and stuff that has some artificial intelligence or machine learning capabilities so I’m sure there was some of that. Honestly, I bet there were a lot of Australian police officers just sitting around getting a big kick out of reading all these messages and, “Hey, hey, come check out what this guy said.”
SOURCE: ACFE Insights – A Publication of the Association of Certified Fraud Examiners