Decrypted: Police hack criminal phone network; Randori raises $20M Series A

Last week was, for most Americans, a four-day work week. But a lot still happened in the security world.

The U.S. government’s cybersecurity agencies warned of two critical vulnerabilities — one in Palo Alto’s networking tech and the other in F5’s gear — that foreign, nation state-backed hackers will “likely” exploit these flaws to get access to networks, steal data or spread malware. Plus, the FCC formally declared Chinese tech giants Huawei and ZTE as threats to national security.

Here’s more from the week.


THE BIG PICTURE

How police hacked a massive criminal phone network

Last week’s takedown of EncroChat was, according to police, the “biggest and most significant” law enforcement operation against organized criminals in the history of the U.K. EncroChat sold encrypted phones with custom software akin to how BlackBerry phones used to work; you needed one to talk to other device owners.

But the phone network was used almost exclusively by criminals, allowing their illicit activities to be kept secret and go unimpeded: drug deals, violent attacks, corruption — even murders.

That is, until French police hacked into the network, broke the encryption and uncovered millions of messages, according to Vice, which covered the takedown of the network. The circumstances of the case are unique; police have not taken down a network like this before.

But technical details of the case remain under wraps, likely until criminal trials begin, at which point attorneys for the alleged criminals are likely to rest much of their defense on the means — and legality — in which the hack was carried out.