Paris terrorists relied on prepaid phones, and not encryption, to evade detection
According to a recent report by The New York Times, it claims that the Paris terrorists used prepaid burner phones and not encryption phones to carry out the terror attacks on Paris last November, which also helped them evade detection. The details of the attacks were compiled on a 55-page report by the French anti-terrorism police for France’s Interior Ministry, which was apparently handed by someone over to the NY Times as well. This report shows that encryption had a small to non-existent role in the Paris attacks.
The terrorists used either new phones or phones that were taken from their victims in order to communicate with each other. And the terrorists discarded all of them, with one attacker activating a phone less than an hour before he carried out a suicide attack, according to the report.
The newest details revealed by the NY Times also about how at least nine suspects planned and carried out the attacks. Investigators are still piecing together the events that immediately preceded the attacks and hope to collect details from the arrest of Salah Abdeslam, the suspected logistics chief of the attack who was apprehended in Brussels on Friday. The events have also helped inspire an international conversation over the use of mobile encryption, a widely adopted means of increased data security that protects the integrity of a message while in many cases making it impossible for authorities to access those communications before it’s too late.
“Everywhere they went, the attackers left behind their throwaway phones, including in Bobigny, at a villa rented in the name of Ibrahim Abdeslam,” the Times reported. “When the brigade charged with sweeping the location arrived, it found two unused cell phones still inside their boxes.”
However, what is interesting is that among all the burner phones, there wasn’t a single e-mail or online chat message that was found. In other words, the attackers seemed to have known such communication venues would be under surveillance by the intelligence agencies, which likely lead them to depend on regular cellular network calls instead of encryption.
The information has been picked up privacy advocates as further evidence that encryption was not the main mechanism that allowed the terrorists to avoid detection for the months leading up to the attack. In other words, it shows how effective the use of burner phones still is.
The report as a result has the potential to undermine the argument that encryption creates an environment for terrorists to freely communicate with each other, the same argument currently used by the FBI and other agencies.
One witness described as seeing one of the terrorists on a laptop using what looked like encryption software that ISIS claimed to have used during the Paris attacks. However, some have pointed out that they most likely witnessed a Verbose Boot instead, or a boot that allows the user to see the code output when your computer boots up.
However, many were quick to criticize the connection. The witness probably wasn’t looking at some encryption software in action, because such systems show the decrypted message, not the encrypted form.
Julian Sanchez, a tech and privacy-focused senior fellow at the Cato Institute, tweeted that the incident is more “suggestive of a verbose boot,” which starts up a device in a single-user mode.
“Using encryption looks like ‘reading a message’ because you decrypt it first,” he added.
Currently, it appears likely that encryption played little or no part in the Paris terrorist attacks until there are stronger evidences are obtained that prove otherwise.