
Dutch Police Crack ‘BlackBerry PGP’ Handsets

The Netherlands’ national forensics agency has confirmed it is able to read messages sent from BlackBerry devices protected with PGP encryption, after evidence taken from such a device was reportedly used to help successfully prosecute a suspect in a Dutch drugs transport case last month.

The Netherlands Forensics Institute’s (NFI) disclosure sheds light on the encryption arms race between law enforcement agencies and those seeking to conceal their communications using encryption.

Encryption cracked

Law enforcement bodies, including those in the UK, have criticised the rapid expansion of encrypted communications as hindering the efforts of security services.

The NFI confirmed in a statement that it has the ability to decode encrypted messages stored on “BlackBerry PGP” handsets, as they are known – BlackBerry devices sold by third parties customised with PGP encryption tools co-developed by PGP and BlackBerry, and connected via third-party BES servers. The agency declined to provide further details.

PGP advertises the technology involved, called PGP Support Package for BlackBerry, as a way of securing emails between any PGP-enabled sender and recipient mobile device or desktop client.

The devices are widely used by criminals to organise illegal activities, according to law enforcement authorities.

Last month Dutch blog Misdaadnieuws (Crime News) published what it called confidential documents disclosing that the NFI was using technology developed by Israel-based mobile tools maker Cellebrite to decrypt messages on BlackBerry PGP handsets.

In a case cited as an example in the documents, the NFI said it was able to decipher 279 out of the 325 encrypted messages stored on a BlackBerry PGP device, according to Crime News.

A court in East Brabant in early December 2015 sentenced a defendant to five years in prison based in part on evidence obtained from a BlackBerry PGP device, the blog reported.

Code-breaking tools

The NFI used Cellebrite’s Universal Forensic Extraction Device (UFED) technology, according to Crime News, which identified a specific version of a desktop tool called UFED4PC. The NFI’s disclosure was also reported by online industry journal Motherboard.

UFED devices are widely used by government and military agencies to extract and decrypt data from mobile devices, with The Guardian reporting in 2009 that up to 35 of the 43 police forces in England and Wales use them. In December 2014 BBC crime drama The Fall featured the decryption of mobile data by investigators using UFED technology as a key dramatic point.

In July of last year Cellebrite stated that its UFED forensics products were “widely used” by US federal government bodies. Cellebrite claims to have government, corporate security and private investigative agency customers in more than 100 countries.

The technique used doesn’t involve intercepting communications, but rather extracting and decrypting data from the device itself, with the most thorough method involving making a bit-for-bit copy of everything in the device’s memory, from which users can recover deleted data and decipher encrypted messages, according to Cellebrite.

Security at stake

UFED products are able to handle data from most mobile device makers, but BlackBerry devices have a particular reputation for security, being widely used by government customers. Cellebrite claims to have been the first to enable physical extraction and decoding of the flash memory in BlackBerry devices.

The debate over encryption goes beyond law enforcement, with many claiming that civil liberties are at stake. Apple has argued that government efforts to ensure their access to encrypted communications weaken security for all users.

Campaign group Liberty has argued that the broad use of UFED devices by British police to recover data from suspects’ mobile devices steps beyond laws originally designed to enable searches of clothes and handbags.

The group called for legislation to be updated to clarify when police are entitled to extract mobile phone data and to ensure legal safeguards.


Matthew Broersma

Matt Broersma is a long-standing tech freelancer who has worked for Ziff-Davis, ZDnet and other leading publications.

Comments

  • The reason the messages were able to be decrypted was due to extremely negligent PGP hosting policies. They were storing all the private encryption keys on their servers along with a record of all the messages. These are two EXTREMELY bad things to do when hosting a PGP Encryption Service.

    This wasn’t a case of anything being hacked; this would be equivalent to saying your PC got hacked when you left a Post-It note on your monitor with your password on it.
    Reputable PGP Service providers do not store their users’ messages, or more importantly their private keys, on their servers.

    This was a case of neglect, not a case of anyone being hacked.
