12:27 PM

Scotland Yard Read Encrypted BlackBerry Messages During Riots

British police officials said they used confiscated BlackBerry smartphones to "break into" encrypted communications.

Strategic Security Survey: Global Threat, LocalPain
Strategic Security Survey: Global Threat, Local Pain
(click image for larger view and for full slideshow)
What's the easiest way to access an encrypted smartphone communications network? Have a smartphone that can listen in.

At least, that was one tactic employed by police in London as they sought better intelligence on the outbreak of riots across England. So said Tim Godwin, acting police commissioner for the Metropolitan--the country's largest police force, which is more commonly known as Scotland Yard--on Tuesday, as he appeared before the U.K. Parliament's Home Affairs Committee. The committee, which oversees many of the country's police forces, is investigating the success or failure of police tactics used during the riots.

According to Godwin, as riots broke out in 22 of London's 32 boroughs last Monday and threatened to overwhelm police officers, he made the decision to begin eavesdropping and acting on encrypted BlackBerry Messenger (BBM) communications. Godwin said that by using BlackBerry smartphones seized by police, detectives were able to "break into" BBM and gain "live time monitoring," according to the Guardian. As a result, police officers were able to secure locations before rioting broke out, as well as proactively shut down stores and businesses in areas that faced looting. Police were also monitoring Twitter and Facebook, and Godwin's testimony suggested that police may have used confiscated BlackBerry smartphones to gain access to private Twitter feeds.

In Britain, multiple politicians had called for a curfew on BBM--widely used by the rioters, who were largely young and male--as well as social networks, to help quell the unrest. (As some privacy advocates have noted, such tactics echo strategies recently employed by autocratic rulers in such countries as Egypt and Libya, as they clung to power in the face of mass riots.) But Godwin confirmed that the police considered that tactic. "We did consider seeking the legal authority to switch it off. The legality is questionable, very questionable," he said, according to the Guardian.

Interestingly, BlackBerry manufacturer Research In Motion had released a statement in which it offered to assist investigators, in accordance with U.K. laws. Numerous security experts took that to mean that any police requests for BBM communications would, as usual, require a warrant.

Using a seized device to surreptitiously access BlackBerry Messenger communications, however, is gray territory. Furthermore, by detailing the difficulties police faced in amassing intelligence about planned rioting and looting, Godwin may not only be seeking exculpation for that intelligence gathering, but also laying the groundwork for a formal police request for new laws, giving them explicit power to eavesdrop on encrypted communications during times of unrest.

According to the Guardian, Godwin told the committee that police were not "at this moment of time" seeking the ability to deactivate social networks or eavesdrop on encrypted smartphone communications channels, during times of civil unrest. But news reports suggest that police are already working with the domestic intelligence service, MI5, as well as the country's electronic signals intelligence center, the Government Communications Headquarters, to decrypt BBM communications in the hunt for people who organized riots and looting.

Beyond using confiscated BlackBerry smartphones, police monitored riot-related and looting-related public messages sent via Twitter and Facebook, which resulted in multiple arrests.

But some of the resulting sentences have been criticized as being disproportionate. Notably, on Tuesday, two men were sentenced to four years in prison on charges of inciting a riot via Facebook. One 20-year-old man created a Facebook event page for "Smash Down in Northwich Town," and set the McDonald's in his town center as a meeting point. But he was the sole attendee and was arrested by waiting police. In the other case, a 22-year-old man created a Facebook page called "Let's Have a Riot in Latchford," but removed it the next day--after 300 people had viewed it--and published an apology on Facebook.

In handing down the stiff sentences, the judge said they were meant to serve as a deterrent.

At a full-day virtual event, InformationWeek and Dark Reading editors will talk with security experts about the causes and mistakes that lead to security breaches, both from the technology perspective and from the people perspective. It happens Aug. 25. Register now.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
According to industry estimates, about a million new IT security jobs will be created in the next two years but there aren't enough skilled professionals to fill them. On top of that, there isn't necessarily a clear path to a career in security. Dark Reading Executive Editor Kelly Jackson Higgins hosts guests Carson Sweet, co-founder and CTO of CloudPassage, which published a shocking study of the security gap in top US undergrad computer science programs, and Rodney Petersen, head of NIST's new National Initiative for Cybersecurity Education.