The creation of sophisticated encryption tools is closely connected to the efforts of the armed forces and state authorities to conceal their communications and strategic documents, which are important for the functioning of the state, security system and protection of citizens. Special encryption tools are also employed in the private sector, helping to protect corporate know-how from economic espionage. However, cryptography in the hands of criminal entities makes it more difficult for law enforcement and border authorities to detect, document and investigate serious crime related to smuggling and trafficking in human beings.
By Lukáš Vilím, Borut Eržen, Monika Weber
Cryptography, or the art of encryption, is several thousand years old. One of the first historically documented uses of special codes in communication can be traced back to ancient Egypt, when non-standard hieroglyphs were used to obscure message content. Initially, encrypting a message was simple; the equipment needed was a piece of parchment and a writing instrument, and later a piece of paper and pencil along with a tool such as a Vigenère square or handy mathematical formula. The art of cryptography became increasingly important in the first half of the 20th century with the result that various sophisticated devices began to emerge, which allowed complicated encryption procedures to be used, such as the German Enigma machine. The creation of sophisticated encryption tools is closely connected to the efforts of the armed forces and state authorities to conceal their communications and strategic documents, which are important for the functioning of the state, security system and protection of citizens. Special encryption tools are also employed in the private sector, helping to protect corporate know-how from economic espionage.
The new century saw the increased use of computer technology and the associated expansion of cryptography, which uses complex mathematical algorithms; all activity is carried out by special software that protects secret information from unauthorised access. With knowledge of crypto applications spreading throughout society and becoming easily available, 21st century criminal groups are not standing aside – it is in their interest to use encryption for their business. Cryptography in the hands of these criminal entities makes it more difficult for law enforcement and border authorities to detect, document and investigate serious crime related to smuggling and trafficking in human beings.
New technologies have a significant influence on the formation of new modus operandi used by organised crime groups involved in international trafficking in human beings and people smuggling. Technology has broadened criminals’ ability to traffic human beings for different types of exploitation, including sexual and labour exploitation, the removal of organs, illegal adoption of children and forced marriages. Organised criminal groups that are active in people smuggling and human trafficking are using modern communication technologies to exploit their victims multiple times over: from advertising and recruiting victims to blackmailing them with photos and videos to control their movements.
It is not just a question of encrypting data stored on individual devices, but also of the communication itself between devices connected to the Internet. End-to-end encryption is an encrypted communication method that is widely used in organised migrant smuggling. The decryption of these ciphers is then dependent on the quality of the operative activity carried out by cybercrime specialists, who focus on terminal equipment or wait for the offender to make a mistake. The current trend is to use any communication application that enables encrypted transmission and can be installed on an electronic device with a suitable operating system and an Internet connection. There are also applications that enable the whole device to be encrypted, which makes it difficult to find its contents or to discover the necessary information and evidence.
New communication applications encrypt the entire communication between the sender (caller) and the recipient (person called) using a pair of public and private keys, so that the message can be decrypted only with the private key. The only information that can be used by security forces, in this case, is metadata. The data that ISPs can provide, even when the call content is unknown, enable the caller and call recipient to be identified. One of the first apps to allow encryption was Telegram, which is widely used by organised crime groups and migrant smugglers. Today, many apps, including Signal, Wickr, WhatsApp and even Apple’s iMessage, use end-to-end encryption.
The current Europol report “Serious and Organised Crime Threat Assessment (SOCTA) 2021” directly describes the security risks that arise for border security when ICT is used by organised groups that smuggle people across borders, whether by land, air or sea.
The proliferation of sophisticated digital technologies and the widespread use of social media and encrypted communications will create opportunities for migrant smugglers to propagate their services, and to coordinate among each other and recruit victims, eluding law enforcement detection. The use of cryptocurrencies by smuggling networks has been recently reported and may increase in the foreseeable future. Migrant smugglers make frequent use of digital services and tools, such as social media and mobile applications for recruitment, communication in general and on money transfers, pick-ups and handover of migrants, mass-mobilisation of migratory movements, providing route guidance, sharing pictures and videos of documents and tickets, and monitoring law enforcement activities (via video surveillance and even with drones).
In relation to the use of anonymisation tools by organised crime groups, a significant milestone was reached in 2013, when Edward Snowden published classified information on intelligence monitoring and the interception of telecommunication devices. The primary interest was not the content of the calls, but the pure metadata in the form of caller information, caller location, phone locations, call duration and other additional information. Subsequently, this information was used to determine targets for drone strikes used to eliminate terrorists on their own soil. While the contents of the terrorist calls were well protected by the encryption of an application, the software used did not hide information in the form of metadata. Communication servers themselves need to know the necessary information about where to send the message (sender-recipient).
The use of encryption is one of the basic requirements in the operational planning of people smuggling. In practice, smugglers are increasingly using computer technology and encryption methods to communicate and plan unauthorised border crossings.
With the development of new apps, it will be harder for border guards to defend borders against organised smuggler groups. It doesn’t matter whether these groups are using Telegram or other messaging platforms such as Rocketchat, Riotchat, the Russian app TamTam or Chinese app BCM. The most important factors are who created the platform, who manages it and who can view the source code. Supposedly secure apps may help their creators to obtain information of interest. This is precisely the path of social engineering and intelligence techniques. Nowadays, it is increasingly evident that the art of deception does not change its basic roots; it only uses new tools to maximise the exploitation of information.
Detecting, documenting and investigating this type of crime will depend on international cooperation and information sharing between border guards, law enforcement and intelligence. To combat this phenomenon, political interests must be set aside and the primary interest must be the protection of borders. The first step to strengthen the security of borders must be initiated by the security system and top-level management. The purpose is to create a strategy describing the current capabilities of border guards in protecting state borders against new types of crime in connection with cyberspace: a strategy that will be able to set the goals that need to be achieved in order to distribute forces and funds to improve the ability of border guards to combat new trends in border security risks. The strategy will enable top-level management to set goals to be achieved within a certain period of time. The ideal timeframe is five years and attention must be paid to the following areas:
• organisational and structural changes, if reorganisation is needed;
• specification of personnel requirements when selecting new employees who will deal with cyber security;
• setting up material and technical development to provide the necessary technological tools to combat new trends threatening border security and leading to illegal activities in this area;
• creating a suitable education system to ensure a high-quality teaching plan, providing sufficiently knowledgeable and trained lecturers and supplying appropriate teaching aids to increase cyber knowledge;
• proposing the necessary legislative changes to make it possible to protect borders from illegal cross-border cyber activities;
• in the area of national and international cooperation, a point of contact has to be set up to communicate with other entities (law enforcement, prosecutors, intelligence). Contractually confirmed partnerships that resolve ambiguities of competence and set out communication rules or, for example, rules for the mutual transfer of information are very beneficial for the central contact point.
Although the new strategy is adopted at a political level, its successful application rests on the shoulders of the border management itself. The final step could be to create a special unit dedicated to detection, documentation and investigation that will focus solely on cyberspace issues. This unit will be designed to support border units and will be a liaison point for cooperation with national and international police authorities.
Literature:
- SINGH, SIMON. The Code Book: The Secret History of Codes and Code-Breaking. S.l.: Fourth Estate Ltd, 2011.
- KOLOUCH, JAN. CyberCrime. Praha: CZ.NIC, z.s.p.o., 2016.
Internet sources:
- “End-to-End Encryption,” December 7, 2021. https://en.wikipedia.org/wiki/End-to-end_encryption.
- “Metadata,” April 5, 2020. https://en.wikipedia.org/wiki/Metadata.
- “Pretty Good Privacy.” Wikipedia. Wikimedia Foundation, December 2, 2021. https://en.wikipedia.org/wiki/Pretty_Good_Privacy.
- “Tails (Operating System).” Wikipedia. Wikimedia Foundation, December 12, 2021. https://en.wikipedia.org/wiki/Tails_(operating_system).
- “Tor (Anonymity Network).” Wikipedia. Wikimedia Foundation, December 12, 2021. https://en.wikipedia.org/wiki/Tor_(anonymity_network).
- “What Is an SSL Certificate?,” n.d. https://www.globalsign.com/en/ssl-information-center/what-is-an-ssl-certificate.
- “Serious and Organised Crime Threat Assessment (SOCTA) 2021.” Europol, December 12, 2021. https://www.europol.europa.eu/publication-events/main-reports/european-union-serious-and-organised-crime-threat-assessment-socta-2021.
The article was supported by the Ministry of the Interior of the Czech Republic, project No. VI20192022117, Detection of Radicalization in the context of population and soft targets protection from violent incidents.