© AFP Federal Police
One of the results of a global sting where law enforcement agencies took over an encrypted communications network used by criminals but created by the FBI
An Australian Federal Police-led operation has charged more than one hundred organised crime members after developing a world-leading capability to see encrypted communications used exclusively by organised crime.
The encrypted communications – which allegedly included plots to kill, mass drug trafficking and gun distribution – were decrypted from a platform covertly run by the FBI.
More than 4,000 members from the AFP and state and territory police have been involved in the execution of hundreds of warrants since 7 June, 2021, under Operation Ironside, which covertly began three years ago. Operation Ironside has led to the arrest of 224 offenders on 526 charges in every mainland Australian state. 3.7 tonnes of drugs, a large number of weapons, $44,934,457 million in cash, and assets expected to run into the millions of dollars, have been seized under Operation Ironside since 2018.
The AFP also acted on 20 threats to kill, potentially saving the lives of a significant number of innocent bystanders, with intelligence referred to state police agencies which took immediate action.
More arrests are expected domestically and offshore under a coordinated global response connected to Operation Ironside.
The AFP is also likely to seek extradition requests for a number of persons of interest living overseas. It comes as there have been tonnes of drugs seized and hundreds of arrests overseas.
The AFP has indicated that offenders linked to Australian-based Italian mafia, outlawed motorcycle gangs, Asian crime syndicate and Albanian organised crime are among those charged under Operation Ironside.
Operation Ironside began almost three years ago and is the Australian component of a long-term, international, covert investigation.
The FBI and AFP targeted the dedicated encrypted communications platform, which was used exclusively by organised crime.
After working in close partnership on Operation Safe Cracking to take down the encrypted platform provider Phantom Secure, the AFP and FBI worked together to fill the vacuum.
The FBI had access to a new app, named AN0M, and began running it without the knowledge of the criminal underworld.
The AFP provided the highly skilled technical staff, and capability to decrypt and read encrypted communications in real time, giving law enforcement an edge it had never had before.
AFP Commissioner Reece Kershaw thanked the FBI for its cooperation, along with the 18 countries that worked with the AFP to maintain the integrity of the platform.
As part of the global operation more than 9000 officers from law enforcement have deployed to the international efforts. Commissioner Kershaw acknowledged the significant resources provided by Australia’s state and territory police during the days of resolution.
“Today, Australia is a much safer country because of the extraordinary outcome under Operation Ironside,” Commissioner Kershaw said.
“It highlights how devastatingly-effective the AFP is when it works with local and global partners, and takes its fight against transnational organised crime offshore.
“This world-first operation will give the AFP, state and territory police years of intelligence and evidence.
“There is also the potential for a number of cold cases to be solved because of Operation Ironside.
“However, tomorrow, and in the future, law enforcement will come up against serious challenges.
“ANOM was an influential encrypted communications app but there are even bigger encrypted platforms that are being used by transnational and serious organised criminals targeting Australia.
“They are almost certainly using those encrypted platforms to flood Australia with drugs, guns and undermine our economy by laundering billions of dollars of illicit profit.
“Organised crime syndicates target Australia, because sadly, the drug market is so lucrative. Australians are among the world’s biggest drug takers.
“One of the causes behind domestic violence, sexual assault, neglect of children and unspeakable tragedy, is illicit drugs.
“Our first responders, our teachers and every Australian should be able to go to work and live in our communities without being harmed by an individual under the influence of dangerous drugs.
The app ANOM app was installed on mobile phones that were stripped of other capabilities. The mobile phones which were bought on the black market, could not make calls or send emails. They could only send messages to another device that had the organised crime app. Criminals needed to know a criminal to get a device.
The devices organically circulated and grew in popularity among criminals who were confident of the legitimacy of the app because high-profile organised crime figures vouched for its integrity.
“These criminal influencers put the AFP in the back pocket of hundreds of alleged offenders.
“Essentially, they have handcuffed each other by endorsing and trusting ANOM and openly communicating on it – not knowing we were watching the entire time,” Commissioner Kershaw said.
FBI International Operations Division Legal Attaché for Canberra Anthony Russo said criminals around the world had long used encrypted criminal communications platforms to avoid law enforcement detection.
“The FBI, with our international partners, will continue to adapt to criminal behaviour and develop novel approaches to bring these criminals to justice,” said the FBI’s Anthony Russo.
“We appreciate our long standing partnership with the Australian Federal Police in the fight against transnational organised crime.”
IN THE US AND IN EUROPE, OPERATION IRONSIDE, KNOWN GLOBALLY AS TROJAN SHIELD, HAS ALSO BEEN SUCCESSFULLY LED BY LAW ENFORCEMENT AGENCIES
ANOM’s administrators, distributors, and agents described the platform to potential users as “designed by criminals for criminals” and targeted the sale of ANOM to individuals that they knew participated in illegal activities.
All defendants are foreign nationals located outside of the U.S.
The US indictment alleges the defendants knew the devices they distributed were being used exclusively by criminals to coordinate drug trafficking and money laundering, including in the U.S. The defendants personally fielded “wipe requests” from users when devices fell into the hands of law enforcement.
The FBI’s review of ANOM users’ communications worked like a blind carbon copy function in an email. A copy of every message being sent from each device was sent to a server in a third-party country where the messages were collected and stored. The data was then provided to the FBI on a regular basis pursuant to an international cooperation agreement. Communications such as text messages, photos, audio messages, and other digital information were reviewed by the FBI for criminal activity and disseminated to partner law enforcement agencies in other countries. Each user was using ANOM for a criminal purpose. Those countries have built their own cases against ANOM users, many of whom were arrested in takedowns in Europe, Australia and New Zealand over the last several days.
Intelligence derived from the FBI’s communications platform presented opportunities to disrupt major drug trafficking, money laundering, and other criminal activity while the platform was active. For example, over 150 unique threats to human life were mitigated.
This operation was led by the FBI and coordinated with the U.S. Drug Enforcement Administration, the U.S. Marshals Service, Australian Federal Police, Swedish Police Authority, National Police of the Netherlands, Lithuanian Criminal Police Bureau, Europol, and numerous other law enforcement partners from over a dozen other countries.
This investigation began after Canada-based encrypted device company Phantom Secure was
dismantled by the FBI in 2018 through a San Diego-based federal RICO indictment and court-authorized seizure of the Phantom Secure platform, forcing many criminals to seek other secret communication methods to avoid law enforcement detection. The FBI—along with substantial contributions by the Australian Federal Police—filled that void with ANOM.
When the FBI and the San Diego U.S. Attorney’s Office dismantled Sky Global in March 2021, the demand for ANOM devices grew exponentially as criminal users sought a new brand of hardened encryption device to plot their drug trafficking and money laundering transactions and to evade law enforcement.
Demand for ANOM from criminal groups also increased after European investigators announced the dismantlement of the EncroChat platform in July 2020. The ANOM platform – unlike Phantom Secure, EncroChat, and Sky Global – was exploited by the FBI from the very beginning of ANOM’s existence and was not an infiltration of an existing popular encrypted communications company.
“Operation Trojan Shield is a perfect example of an OCDETF (US Organized Crime Drug Enforcement Task Forces) case –
an investigation driven by intelligence and maximizing the strengths of partner law enforcement agencies in coordinated efforts to dismantle command and control elements of criminal networks,” said OCDETF Director Adam W. Cohen.
“Coordination is the cornerstone of the OCDETF program, and the impressiveness of the combined efforts of the U.S. Attorney’s Office, FBI, and our foreign partners cannot be overstated. This effort has created lasting disruptive impacts to these transnational criminal organizations.”
Europol’s Deputy Executive Director Jean-Philippe Lecouffe: “This operation is an exceptional success by the authorities in the United States, Sweden, the Netherlands, Australia, New Zealand and the other European members of the Operational Task Force.
Europol coordinated the international law enforcement community, enriched the information picture and brought criminal intelligence into ongoing operations to target organised crime and drug trafficking organisations, wherever they are and however they choose to communicate. I am very satisfied to see Europol supporting this operation and strengthen law enforcement partnerships by emphasizing the multi-agency aspect of the case.”
“This remarkably successful operation demonstrates what can be accomplished when law enforcement agencies throughout the world work together,” said DEA Los Angeles Division Special Agent in Charge Bill Bodner. “Through strong relationships with our partners in more than 67 countries, professionals throughout the DEA, including experts in the Los Angeles Division, supported this unprecedented collaboration and our own mission to disrupt and dismantle the criminal organizations that profit from the distribution of illegal drugs.”