Encryption & Key Management , Endpoint Security , Internet of Things Security
Cryptophone Service Crackdown: Feds Indict Sky Global CEO
Canadian Charged With Running 'Illicit Secret Communications Network'Authorities in the U.S. have extended the international police crackdown against the Sky ECC cryptophone service by indicting both the parent company's CEO and its main distributor.
See Also: SASE: Recognizing the Challenges of Securing a Hybrid Workforce
Jean-François Eap, CEO of Sky Global, and Thomas Herdman, who authorities say distributed Sky Global devices until December 2020, have both been charged with a conspiracy to violate the federal Racketeer Influenced and Corrupt Organizations Act, aka RICO, by running an "illicit secret communications network" for criminals. They have also been charged with a conspiracy to distribute controlled substances. Each charge carries a maximum penalty of life in prison.
Warrants for the arrest of both Canadians, who are based in Vancouver, Canada, were issued by a judge in the U.S. District Court for the Southern District of California on Friday, the Department of Justice says.
The indictment of Eap - aka "888888" - and Herdman follows a coordinated, international law enforcement operation that involved police in Belgium and the Netherlands last week arresting numerous alleged users of Sky's cryptophone service (see: Police Target Criminal Users of Sky ECC Cryptophone Service).
Authorities allege that Sky Global knowingly facilitated criminal activities being coordinated via its encrypted messaging service by some of the device's 70,000 users worldwide, took an “ask nothing/do nothing” approach to any reports of criminality tied to its service and used shell companies and bitcoin cryptocurrency to hide the company's profits, according to the indictment, dated Friday, which was obtained by Vice.
Any evidence authorities might have gathered against the suspects has yet to be released.
Sky ECC's smartphones were available via various plans, with a six-month subscription running from $950 to $2,600, depending on the choice of device - iPhone, Google Pixel, BlackBerry or Nokia.
Before selling the devices to customers, Sky Global's technical team "removes the internal hardware/software responsible for the GPS, camera, internet and voice communications," according to the indictment, which was returned by a federal grand jury first convened in November 2019. "Sky Global then installs sophisticated encryption software and routes the data through encrypted servers located in Canada and France."
Sky ECC's encrypted messaging apps included the ability to auto-delete messages after a preset amount of time. Devices could also be remotely wiped by Sky Global's administrators, the indictment says.
Sky Global Allegedly Facilitated Transnational Crime
Police say that as a result of its actions, Sky ECC has been unavailable for customers since Tuesday.
"Sky Global’s purpose was to create, maintain and control a method of secure communication to facilitate the importation, exportation and distribution of heroin, cocaine and methamphetamine into Australia, Asia, Europe, and North America, including the United States and Canada; to launder the proceeds of such drug trafficking conduct; and to obstruct investigations of drug trafficking and money laundering organizations by creating, maintaining and controlling a system whereby Sky Global would remotely delete evidence of such activities," the Justice Department says. "The indictment alleges that for more than a decade, Sky Global has generated hundreds of millions of dollars in profit by facilitating the criminal activity of transnational criminal organizations and protecting these organizations from law enforcement."
Sky Global's CEO has disputed those allegations and said he has received no direct notice of any charges being filed against him or any extradition request.
"Sky Global’s technology works for the good of all. It was not created to prevent the police from monitoring criminal organizations; it exists to prevent anyone from monitoring and spying on the global community," Eap says in a statement released Sunday and posted to the company's website.
"The indictment against me personally in the United States is an example of the police and the government trying to vilify anyone who takes a stance against unwarranted surveillance," he says. "The unfounded allegations of involvement in criminal activity by me and our company are entirely false. I do not condone illegal activity in any way, shape or form, and nor does our company."
Eap has also disputed claims by police that they cracked Sky Global's encryption. Previously, Sky Global had offered a $5 million reward to anyone able to demonstrate that they had cracked the encryption.
Arrested: Hundreds of Sky Global Users
Following a two-year investigation into Sky Global and its customers, last week, police in Belgium, France and the Netherlands launched numerous house searches, leading to hundreds of arrests of alleged users - including three attorneys in Antwerp, Belgium - as well as the seizure of thousands of kilograms of cocaine and methamphetamine, hundreds of firearms, millions of euros in cash as well as diamonds, jewelry, luxury vehicles and police uniforms, officials say.
In Europe, "the operation was concentrated on taking down the Sky ECC infrastructure, dismantling the distribution network and seizing the criminal assets of the distributors,” Frédéric Van Leeuw, a Belgian federal prosecutor, said at a Tuesday press conference, The Brussels Times reports. In addition, "as many Sky ECC devices as possible” had also been seized from suspects, he said.
Police in Europe say that since February, they gained the ability to wiretap Sky Global's network and have been monitoring 3 million messages exchanged daily by 170,000 global users.
Belgian authorities on Tuesday said police had amassed about 1 billion messages and so far decrypted nearly half of them, feeding relevant intelligence to international law enforcement agencies. Authorities say that while they have been amassing encrypted messages for months, they only gained the ability to decrypt them in mid-February.
Dutch authorities say those messages have revealed numerous planned criminal operations, including kidnappings and contract killings.
Legitimate Users: Please Come Forward
On Thursday, Belgium's Federal Police issued a public appeal, noting that the lead judge in the case said all legitimate Belgian users of Sky ECC must identify themselves to authorities.
"As part of an international investigation, Belgian users of SKY ECC telephones are informed that their data has been intercepted by order of the French investigating judge," the police force says in a public notification.
"This data will now be the subject of an additional investigation in Belgium. People and companies who have used SKY ECC services for legitimate purposes are asked to report this to the police," according to the notice. "The data collected will be secured after verification by the examining magistrate and will no longer be the subject of a more in-depth police investigation, for the purpose of protecting their privacy."
Police Continue to Target Cryptophone Services
The law enforcement operation targeting Sky Global is not the first crackdown against a cryptophone provider accused of facilitating criminal operations.
In 2018, the FBI disrupted the Canadian secure smartphone service Phantom Secure, and Dutch police dismantled encrypted messaging handset provider BlackBox.
In June 2020, police in Europe disrupted EncroChat after gaining access to its encrypted cellular network and monitoring messages. EncroChat sold smartphones for about $1,000, with a six-month service plan running $1,700.
A Belgian underworld source told newspaper Gazet van Antwerpen last July that "almost everyone in Antwerp switched from EncroChat to Sky" after the takedown.