Tag Archive for: criminal intelligence

A new risk on the horizon: organised criminals as mercenaries of disinformation

At a time when controlling the narrative is power, are organised crime groups acting as mercenaries of disinformation, using their skills to manipulate minds for profit? A recent Australian Federal Police (AFP) operation suggests an intersection is forming between crime, disinformation and technological exploitation.

Last month, the AFP arrested six members of a Sydney-based criminal syndicate implicated in drug importation as part of Operation Kraken. The operation targeted Ghost, an encrypted messaging app designed for illicit communications. It played a crucial role in the syndicate’s activities, used to send more than 125,000 criminal messages.

What makes this case particularly interesting is that one senior member of the syndicate allegedly orchestrated a disinformation campaign. This involved fabrication of a terror attack, a false narrative aimed at perverting the course of justice and diverting law enforcement resources.

Criminal groups are known to exploit social and technological developments for profit. Cybercriminals in Europe are already engaging in disinformation as a service for customers. AFP and criminal intelligence organisations should be wary of that happening in Australia.

Further, criminal organisations are now selling services to both state and non-state actors.

In Myanmar, for instance, ethnic armed groups have increasingly relied on drug production to finance their operations. By partnering with organised crime syndicates, they monetise their control over territory, granting protection and resource access in exchange for a share of the profits. This not only perpetuates the cycle of violence and instability but also entrenches the drug trade within these communities, as they become reliant on revenue generated from opium and methamphetamine production.

So we see a complex interplay of local power dynamics and organised crime.

For many years, criminal groups have offered money laundering as a service, creating a new dimension in financial crime. They provide tailored solutions for individuals, businesses and even governments aiming to obscure origins of illicit funds. The criminals charge for their expertise in navigating complex financial systems. A notable example is the case of the Panama Papers, which exposed how many high-profile individuals and corporations used offshore shell companies in jurisdictions such as Panama to launder money and evade taxes.

Criminal groups also offer hacking services on a subscription basis, enabling clients—ranging from individuals and groups to state entities—to breach security systems, steal sensitive data or deploy ransomware. This trend allows customers with limited technical skills to engage in sophisticated attacks, effectively broadening the reach of both state and non-state actors.

For instance, Eastern European cybercriminals have been linked to the proliferation of bot farms, which are used to automate attacks and disseminate disinformation at scale, amplifying the impact. By providing these illicit services, hackers create immunity for their customers, who become difficult to trace and prosecute or, in the case of rogue states, hold accountable.

There is a reasonable assessment that the demand for disinformation services is growing among state and non-state actors, reflecting a shift in how information is weaponised for strategic advantage. As geopolitical tensions rise and digital platforms proliferate, various groups—from rogue states to organised crime syndicates—are increasingly turning to disinformation as a tool for manipulation and control. This can range from spreading false narratives to create confusion and distract law enforcement, to launching smear campaigns to discredit adversaries.

If this demand evolves disinformation from a tool of deception into a service available for hire, Australian law enforcement will face complex new challenges. The intertwining of disinformation with organised crime complicates the national security landscape.

Australia must evaluate whether existing legislation is sufficient to address the commodification of disinformation. The Operation Kraken case should prompt further investigation into intelligence surrounding criminal fee-for-service disinformation schemes. A coordinated approach involving law enforcement and intelligence agencies is essential to counter the threat.

Encrypted messaging apps: a persistent challenge in fighting organised crime

Last month, about 700 Australian Federal Police (AFP) officers executed arrest warrants nationwide under Operation Kraken. This operation targeted Jay Je Yoon Jung, the alleged architect behind Ghost, an encrypted messaging app explicitly designed for organised crime groups.

While Operation Kraken showcased Australia’s ability to disrupt sophisticated criminal networks, it also highlighted a pressing issue: the persistent challenge posed by evolving encryption technologies that organised criminal groups are so quickly adopting, allowing them to outpace law enforcement efforts.

Ghost represented a significant leap in the technological capabilities of organised crime. Allegedly developed by Jung as a business venture, it facilitated a range of illicit activities, from drug and weapons trafficking to money laundering. An estimated 800 devices were in circulation globally, 376 of which in Australia. Disguised as standard smartphones, they allowed users to create anonymous profiles and communicate securely. The breadth of activities coordinated through Ghost reinforces the escalating sophistication of organised crime groups and, just as importantly, their ability to adopt and operationalise new technology.

Ghost was brought to the AFP’s attention by Europol, the European Union’s international policing division. Europol prompted formation of a global task force, with the AFP joining forces with the US Federal Bureau of Investigation and the Royal Canadian Mounted Police. Through technical ingenuity and undercover operations, the AFP accessed Ghost’s software. This replicated the success of previous operations, such as Operation Ironside, which had effectively dismantled another encrypted messaging app, AN0M.

Despite these victories, the operation highlights the broader implications of encrypted messaging apps for law enforcement. While they challenge law enforcement with their encryption, they also raise significant questions regarding privacy and mass surveillance.

Operation Kraken exposes three significant challenges for Australian law enforcement when targeting organised crime groups: disrupting their current use of encrypted technology, accelerating law enforcement adoption of new technologies and preventing criminal exploitation of future advancements.

The success of Operation Kraken hinged on the delicate interplay between human intelligence and technological expertise. The authorities’ initial breakthroughs in identifying and infiltrating Ghost were achieved through human sources in organised crime groups.

But another encrypted messaging app will surely emerge to take its place. So collaboration between human intelligence and cutting-edge technology must remain a cornerstone of law enforcement strategies to stay one step ahead of evolving criminal threats.

Australia’s 2018 encryption laws have enabled law enforcement to compel tech companies to grant access to encrypted communications. However, this has sparked a debate over the potential creation of backdoors that could compromise user privacy and safety. Both the debate and government policy responses must recognise that encryption is essential to modern life and that security is key to tech companies’ commercial success. It’s little wonder that achieving a delicate balance between safeguarding privacy and ensuring public safety remains a contentious issue that requires careful navigation.

The Australian government and law enforcement agencies must prioritise ongoing innovation and international collaboration to stay ahead of criminal use of encrypted messaging. Maintaining operational secrecy while maximising intelligence gains is essential to ensuring that authorities can remain proactive in their fight against organised crime. Investment in training and resources for law enforcement agencies will empower them to combat these evolving technologies.

To ensure sustained success, Australia should consider establishing a dedicated task force focused on proactively assessing encrypted messaging apps and investing in training for a new generation of digital investigators. Engaging in ongoing dialogue with technology firms will be crucial, enabling law enforcement to strike a balance between privacy concerns and the necessity of access to encrypted communications during critical investigations.

As we navigate the complexities of organised crime in the digital age, the insights from Operation Kraken should catalyse Australia’s law enforcement community to embrace innovation, foster cooperation and remain agile in the face of emerging challenges. Only through a multifaceted approach can we ensure the safety and security of our communities while effectively countering the threat posed by organised crime.