Anom and Encrochat – How to find useful information in 127 million messages

Anom and Encrochat – How to find useful information in 127 million messages
2021-09-17 Paliscope

Anom and Encrochat – How to find useful information in 127 million messages

EncroChat and Anom were two encrypted communication and network services, which both were infiltrated by police. Both services were used by criminals worldwide, and before they were shut down, police used them to make thousands of arrests.

We have spoken to Christian Berg, founder of Paliscope, and asked him to give us his thoughts about Anom and EncroChat. He will also tell us how the police can work more effectively with these kinds of cases using software that can search through and find objects of interest in text, photos and videos.

What are EncroChat and Anom?

All criminals need to communicate with an encrypted service where no company or authority is in the way. There are several different types of end-to-end encrypted services, and the most commonly used are Signal and WhatsApp.

End-to-end encrypted services do not store data anywhere, and they cannot hand over text from their users to authorities. This gives criminals a safe way to communicate.

EncroChat was a Europe-based communication network and service provider used primarily by organised crime members to plan criminal activities.

Anom was, from the beginning, started by a person who faced criminal charges. In exchange for a reduced sentence, he agreed to cooperate with the FBI. He offered to develop and distribute Anom to criminals through an existing network.

In June 2020, EncroChat was shut down by the company that created it. But then the police already had information which led to at least 1000 arrests. A year later, in June 2021, more than 800 arrests were made worldwide with information from Anom users.

How can EncroChat and Anom be used as evidence in court?

– I´m not sure if they can use these messages as crucial evidence. Would it hold up in court? I don´t know. But evidence that they got from EncroChat and Anom is enough to start an investigation. And during the search, they will probably find other proof which can be used in court. They might even find the phone which the criminal used and tie the criminal to the messages. I think that should be enough to hold as evidence. But above all, they can find events connected to what was said in the messages. 

Two extensive encrypted communication services have been infiltrated in one year; how will criminals communicate now?

– The need to communicate encrypted will not diminish or disappear. And the authorities’ desire to get into the networks will not decrease either. So there will probably be a new encrypted service. It will, of course, be more challenging for the new service to earn credibility. I think they will have to say, “You can’t trust us, and the only way for your message to be safe even during an infiltration is if the message is encrypted on your device before it is sent”. But there are still some difficulties with this, such as the encryption key, which needs to be changed. So how will they safely do that? I don´t know. But I’m sure there will be a new encrypted service that criminals will use in the future. 

Why do they not use WhatsApp and Signal, which are already existing end-to-end communication services?

– I think many criminals use WhatsApp and Signal already. Even Edward Snowden has made a statement about Signal, saying it is a safe communication service to use. If I were a criminal, I would use these since it is much easier to hide in noise. I mean, EncroChat had 60 000 users, and WhatsApp has billions. But at the same time, I’m not sure if and how much data WhatsApp saves…

How can the police work in the future with end-to-end encrypted services for criminals?

– A lesson learned by EncroChat and Anom is that everything will be encrypted in the future. And it will be even more challenging to crack. It is already tricky to monitor internet traffic since everything is so heavily encrypted. So I think that in countries where authorities wire-tap everything, they might even go so far as to forbid these kinds of services. But I believe that the police will work even harder now on these kinds of operations since obviously, it gave excellent results. 

From EncroChat, they got hold of more than 100 million messages and from Anom more than 27 million. How is it possible to find anything useful in all that data?

– Since most things concerning how the police worked with Anom and EncroChat are classified, I don’t know how they did it. But they would probably need to use software that helps structure data because doing all that work manually would take too much time. The problem is that, let’s say they find someone talking about ordering a murder for 500 €. Now they have that message. But maybe the person they ordered the murder from is talking to someone else about 500 € and a weapon in another forum. Then somehow, they need to connect the two, which can be difficult without software using AI that can understand and follow information.

How can we use Paliscopes products to work with these cases?

– Paliscopes product YOSE is a software that enables you to search through and structure text, films and pictures. It has AI technology to recognise different kinds of images, so for example, it can detect photos of drugs and weapons. YOSE can also read text on pictures, which is helpful when someone has sent a screenshot. So YOSE could search through all messages sent through EncroChat and Anom and sort out all films, messages and pictures that are important for the investigator to read. YOSE can also connect the dots between information, like in the example I gave you earlier with the 500 €. YOSE would see this coincident information and connect it. This will save you a lot of time. 

Is it not better to read through everything yourself to make sure nothing is missed?

– Maybe YOSE could miss information; no AI is perfect. But to be honest, the risk of missing out on information is probably bigger if searching through all this information manually. There are two aspects of not reading through everything. One is the privacy of the user. Maybe you don’t care about the criminals’ privacy, but there are probably also users who are not criminals. And you want to let them have their privacy. The other thing is that if you do a criminal investigation, you want to delimit as much as possible. You do not want people who are entirely irrelevant to be involved in an investigation. It can be compared to a house search. You can’t just run into a house and take everything. You must take what is relevant to the investigation. YOSE helps you to look at things relevant to the investigation. It saves a lot of time for the investigator.

We would like to thank Christian for his thoughts about Anom and Encrochat. If you want to know more about how Paliscopes products can help you with your investigation, you are welcome to contact us.

Encrochat:

  • More than 60 000 users.
  • At least 1000 arrests were made.

Anom:

  • More than 12 000 encrypted phones were used.
  • Mer than 300 criminals used it from over 100 countries.
  • More than 27 million messages were read during 18 months.
  • More than 100 police operations all over the world.
  • More than 800 arrests were made.
  • More than 700 premises were searched.
  • More than tons of cocaine was obtained.

Share this article

You might also like

  • Oct042021

    YOSE Product Update: Manage, analyze, and link ALL your data in one app

    YOSE beta release 2021.2 is bursting with major innovations that are…

    Read more
  • Sep272021

    Discovry Product Update: Creating reports in Discovry is now faster and more flexible than ever before

    With this update, we’ve taken a huge step towards our goal of creating…

    Read more
  • Sep092021

    It is time for the next big step for Paliscope

    It’s time to accelerate our product development and reach out internationally.

    Read more