The FBI Global Sting Using App And Lessons for Nigeria’s EFCC

The FBI Global Sting Using App  And Lessons for Nigeria’s EFCC

The biggest mistake in the contemporary technology scene is to think that anyone could promise you privacy once something is shipped online. Yes, the latest news is that the FBI, the America mega crime buster, has arrested hundreds of people in many countries, after tricking them to use an FBI-controlled app, masquerading as a safe-encrypted messaging app: “More than 800 suspected criminals have been arrested worldwide after being tricked into using an FBI-run encrypted messaging app, officials say.”

The operation, jointly conceived by Australia and the FBI, saw devices with the ANOM app secretly distributed among criminals, allowing police to monitor their chats about drug smuggling, money laundering and even murder plots. Officials called it a watershed moment. Targets included drug gangs and people with links to the mafia.

Drugs, weapons, luxury vehicles and cash were also seized in the operation, which was conducted across more than a dozen countries. This included eight tons of cocaine, 250 guns and more than $48m (£34m) in various worldwide currencies and cryptocurrencies. Australian Prime Minister Scott Morrison said the operation had “struck a heavy blow against organised crime” around the world. European Union police agency Europol described Operation Trojan Shield/Greenlight as the “biggest ever law enforcement operation against encrypted communication”.

Here is the deal: from cryptocurrency to encrypted messaging apps, if you think any encryption or technology can mask you while committing a crime, you have a big problem. Just this week, the FBI was able to recover cryptos paid to a criminal organization after they had received the coins from a US company, Colonial Pipeline. The crusaders of cryptos would have made you believe that such was not possible because coins are decentralized and hidden from the government. Nonsense! 

Let me repeat it again: Bitcoin and other cryptos may be decentralized but they are centralized at the exchanges, and governments control those exchange companies, as they have to register with the governments to be connected to the banking systems. Simply, after all the hiding, the governments will wait for you at the exchanges, and they can ideally check all balances, linking all to your bank accounts and addresses which you used to set it up. Most exchanges even require your government issued identification documents before they can approve withdrawal, typically through a bank where you have an account!

In this FBI-Hollywood styled playbook, you can see an agency which is thinking ahead. The FBI runs many fake university websites in America to catch people doing illegal admissions. But it is not just the FBI; the CIA executes a similar gameplan. In short, it busted a bad gang in central Africa many years ago when it operated cybercafes – the best ones in the chosen cities on speed.  When the criminals came to the cafes to do their thing, they did not know that they were using computers rigged by CIA tools. One afternoon, the CIA and the local police closed them up.

This is where I am hoping that Nigeria’s EFCC can improve its game. We need to invest more on prevention than prosecution in the land. Those who are overly worried about super-encryption need to check themselves. Why? With the reduction in information asymmetry, we are learning more about ourselves online, in many ways, and we are changing as a people.

Unlike a few years ago, sharing your resume online was a bad idea. In short, the resume was a classified personal document. Today, we share it publicly to the world via LinkedIn. More so, our grandmothers told our sisters never to enter cars of people they do not know. Today, everyone enters vehicles operated by strangers via Uber. Also, we were warned never to sleep in a stranger’s house. Today, via Airbnb, many do just that. Why? That information asymmetry friction has been fixed by technology to a large extent, improving trust.

And within that framework, anyone who thinks he needs super-encryption to do business in this world may need to check carefully if what he/she is doing is actually in compliance with laws of the land. If not, no encryption will save you because nothing is protected when it matters. Sure, we need to protect our IPs, trade secrets, hide from bad governments, but that must not make us paranoid to the extent that we become stupid to install apps that can get us into bad lists.

EFCC needs to focus on prevention more than prosecution!

Comment on LinkedIn Feed

Comment: I remember working on a project in Nigeria 15 years ago where we were told that data could not be held overseas due to government restrictions. We had to install local servers to complete the project. Now everything sits in the “cloud” including federal and state government data on Microsoft Azure, AWS or Goggle cloud, just like our family photos and other personal information. Indeed information asymmetry is improving trust!

My Response: “Indeed information asymmetry is improving trust!” – This line does not actually follow the points you made. There are many technology stacks. Information asymmetry is not measured at the infrastructure stack. So, while your conclusion is correct, the premise is wrong. Free flow of information, stored locally or in foreign cloud, is improves trust in communities as we use Uber, Airbnb, LinkedIn etc. But trust on information within consumers is different from trust at infrastructure level.

More so, if they want Nigeria, even if we host locally, it changes nothing. I build microchips for a living. If you do not use Amazon, Google, or Azure, you will still buy servers from HP, Oracle, etc. While your consumer-level may be managed, your infrastructure could be infiltrated.

Remember: CIA ran Crypto AG which at a time was the #1 encryption company in the world, supplying governments, banks, etc. So, hosting your server in Ikeja and buying encryption from Germany changes nothing. For protection, you need to design EVERYTHING 100% as China does.

It takes a line of code to break a system.

---

Click to register for Tekedia Mini-MBA (Sept 13 – Dec 6, 2021): online, self-paced, $140 (or N50,000 naira). Full curriculum here.

Click to join Tekedia Capital Syndicate and build Next Africa with a minimum of $10,000 co-investment in startups.

Share this post

3 thoughts on “The FBI Global Sting Using App And Lessons for Nigeria’s EFCC

  1. I think our case is all round deficiency in human capacity, not just when it comes to being proactive on crimes. The criminals that our law enforcers know their hideouts and sanctuaries, do they have the capacity to arrest and successfully prosecute them?

    We have helplessly watched how the so called bandits stroll into schools, pickup students, sometimes in their hundreds, and then majestically walk away. What have we done? We open ‘negotiations’, pay them handsomely, and they smile and tell us, ‘see you soon’; then the cycle repeats.

    All the ransom we dole out to local criminals, how much have been recovered? Or we just give them money to expand their operations? At least we saw how a serious and capable law enforcer went ahead to recover part of what was paid out.

    From electricity to potable water, from intelligence gathering to confronting criminals, from prosecution to political leadership; everything is very difficult and complicated in our case. Yet we keep claiming that we are great, maybe for producing paper graduates than most countries of the world.

    We just need to get to work, for now we haven’t shown greatness on anything

    Reply
  2. I see this as a boon and not a bane to the crypto industry.

    If government can track crypto transactions that means the opinion of people that crypto is used for money Laundering will be solved.

    It’s an advantage to the industry

    Reply
  3. I don’t know if our Nigeria Police and the EFCC can do something about criminals going about with POS terminals which they use to dispossess unlucky passengers found with Bank Debit Cards of the balance in their bank accounts when such passengers fall prey to them in their “one chance” crime.
    I know one can complain to one’s bank after one has been wrongly charged for a transaction and within 48 hours, the wrong charge is reversed.
    Since a POS terminal, I assume, is issued by a bank, why is it not possible for people robbed to get their banks to refund their losses?
    I am a layman in this field and if it is possible, the Police should make this information known to everyone.

    Reply

Post Comment