Operation Ironside Sees Police Raids Worldwide

0

By Staff Writer

A cyber sting three years in the making culminated on Monday when the Australian Federal Police (AFP) executed hundreds of search warrants in Australia-wide raids.

Dubbed Operation Ironside, the AFP joined the FBI to harness an encrypted app called ANoM and feed it into underworld circles worldwide.

Since 2018, the AFP has been reading the presumed secure ANoM messages that resulted in Monday’s raids. With state police agencies, the AFP arrested 224 people on 526 charges. Simultaneous raids occurred around the world.

Across multiple jurisdictions over three years, law enforcement agencies collected 20 million messages and monitored activity on 11,800 devices worldwide.

Australian Prime Minister called the raids a heavy blow against organised crime and a watershed moment.

There emerged a gap in the illicit encrypted messaging market following the demise of Phantom Secure in 2018. It is now known at the same time, the FBI was running a “human source” in San Diego who was developing a next-generation encrypted messaging app. The source allowed the FBI access to the app, called ANoM. The source, who had extensive underworld connections, agreed to distribute the app into criminal networks. Critically, the human source was trusted by his criminal networks – a prerequisite to the app’s take up.

“The void created by Phantom Secure’s dismantlement provided a new opportunity for criminal users to switch to a new, secure brand of device,” said FBI Special Agent Nicholas Cheviron in an affidavit to a United States District Court in May.

The AFP says they installed the ANoM app on phones stripped of other capabilities. The FBI’s source built a master key into the existing encryption system, which attached to each message, allowing law enforcement agencies to decrypt and store the message as it is transmitted.

“A user of ANoM is unaware of this capability,” Agent Cheviron’s affidavit noted.

Distribution began in October 2018, primarily through three criminals in Australia, with wary criminals unlikely to accept handsets not coming from known and trusted sources.

“The AFP provided the highly skilled technical staff and the capability to decrypt and read encrypted communications in real-time, giving law enforcement an edge it never had before,” says the AFP in a statement.

The FBI says the take up of ANoM was initially slow, growing “organically” based on word-of-mouth among users.

“These criminal influencers put the AFP in the back pocket of hundred of alleged offenders,” says AFP Commissioner Reece Kershaw.

By mid-2019, demand for the devices was increasing in Australia and elsewhere. With usage on the rise, the AFP played a growing role in monitoring the messages. Along the way, the AFP disrupted serious emerging threats, including 20 threats to kill.

This week, with three years of monitoring, data collection, and intelligence gathered, law enforcement agencies moved to shut down ANoM and sweep up its users.

The FBI says taking over ANoM proved a novel and highly successful way to operate. On Monday, 9,000 law enforcement officials, including 4,000 in Australia, were involved in arrests and searches. Police expect further arrests to follow.

Share.