Dutch Police Say They Can Access Encrypted Emails on PGP Equipped BlackBerrys
Known for their security, these BlackBerry handsets use PGP encryption for mail, which makes the phones extremely secure. However, criminal groups are taking advantage of this feature and using BlackBerry devices to carry out attacks, since their communication can’t be traced and/or decrypted.
The good news is that the Dutch Police have confirmed to Motherboard that they are able to read encrypted messages sent on PGP BlackBerry phones—custom, security-focused BlackBerry devices that come complete with an encrypted email feature, and which apparently may be used by organized criminal groups.
The news first appeared when Dutch blog “misdaadnieuws.com,” or Crime News, published documents apparently sourced from the NFI (Netherlands Forensic Institute) in December last year. The documents indicated that deleted messages can be recovered, and encrypted emails read, on BlackBerry devices.
Also, Tuscha Essed, a press officer from the NFI (Netherlands Forensic Institute), told Motherboard in an email that “we are capable of obtaining encrypted data from BlackBerry PGP devices.” The NFI is a body that helps law enforcement in forensic evidence retrieval, and which, according to its website, deals with most of the forensic investigations in criminal cases in the Netherlands.
A number of online vendors sell PGP-encrypted BlackBerrys, which are advertised mainly as being more suitable for sensitive communications than the standard models on offer. “We use PGP encoding as protocol for sending and receiving messages,” the site of one vendor, TopPGP, reads. Another seller, called GhostPGP, says that the company “offers the only proven, time-tested means of communicating securely in total anonymity with PGP-encrypted email.”
While the NFI did not discuss the exact methods used to decrypt data sent through BlackBerry devices, it does need physical access to the actual BlackBerry device.
When asked how the Dutch police can decrypt BlackBerry data, Essed stated that “by answering these we would provide criminals with exactly the information they would need in order to eventually get around our research method.
“We would like to prevent that and therefore have been very reserved with our explanation towards the press.”
However, there is speculation that the NFI is relying on a tool from Cellebrite to get the job done. One possibility is that investigators are guessing the password based on a memory dump, even though that normally requires yanking a memory chip off the phone’s motherboard.
While the NFI says that it has broken the code, it hasn’t been able to do so in every case. According to the Crime News report, in one test, out of 325 encrypted emails, only 279 were cracked by the organization. In addition, the actual BlackBerry device that has the encrypted message needs to be in the possession of the law enforcement group looking to crack the code. This restricts the effectiveness of the method in real-life applications.
The phone used in the test is rumored to be the BlackBerry 9720, a model of BlackBerry that was released in August 2013.
“We wrote about this years ago. This affects all mobile devices including Android offerings! Weak passwords will always be the weak link. Content protection is on by default for all our units. This has been the case since day one. Without it, the devices are easily cracked. [BlackBerry] devices can still be brute forced via chip-off. It could possibly be that Cellebrite has found a way to brute force without a chip-off: this I have not verified,” said Jay Phillips of encrypted BlackBerry seller SecureMobile.ME.
According to claims made by some PGP vendors, their BlackBerry phones remain 100% secure. According to GhostPGP, “We have not been affected. Our services are completely secure and have never been compromised.”
Meanwhile, TopPGP told Motherboard, “We use the latest PGP encryption at this moment that it’s almost impossible to be decrypted. Our customers are very happy with the level of security provided by TopPGP.com.”