Do Recent Cryptophone Sweeps Signal Supply-Chain Coup for ‘White Hats’?

Besieged by increasingly severe supply-chain attacks, the Western cybersecurity community is on edge. Yet, three sensational law-enforcement takedowns of crime-linked, encrypted phone networks suggest the sword cuts both ways, as white hats are also PWNing communications networks favored by transnational organized crime with similar success.

This point was first raised in March by Black Hat hacker conference Review Board member Daniel Cuthbert in a since-deleted tweet following the publication of this journalist’s feature in the Diplomat that detailed “How Asian Drug-Trafficking Networks Operate in Europe”.

At the time, Cuthbert was responding to a speculative correlation made in the article linking the Sky ECC cryptophone dragnet, which was led by Belgian, Dutch, and French authorities, to the January arrest of Tse Chi Lop, the alleged billionaire kingpin of the Sam Gor Asia-Pacific drug cartel, after he was deported from Taiwan and forced to fly to Amsterdam’s Schiphol Airport.

Tse’s Dutch criminal defense lawyer, André Seebregts, said links to recent encrypted phone sweeps like Sky, EncroChat, and Anom “have thus far played no role in the limited scope of Tse’s extradition case,” which was orchestrated by the Australian Federal Police. Seebregts also said Tse “denies any involvement with the Sam Gor syndicate or any criminal organization.”

But the overall gist of Cuthbert’s tweet was that Western cyber-investigators don’t get enough credit for their supply-chain hacks. In cyber, supply-chain exploits entail the malicious compromise of a trusted piece of software or hardware at the source. “By compromising a single supplier,” writes Wired, “spies or saboteurs can hijack its distribution systems to turn any application they sell, any software update they push out, even the physical equipment they ship to customers, into Trojan horses.”

Click Here to Read The Whole Story

SUBSCRIBE NOW: 60 Day Free Trial

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.