Saint John drug network tricked by 'Trojan horse': cyber expert

Police used a classic Trojanhorse scenario to crackan illegal drug network in Saint John, saysDavidShipley, a cybersecurityexpertat the University of New Brunswick in Fredericton.

In this case, the Trojan horse was actuallya collection of encrypted Blackberry cellphones supplied by police to members of the alleged crime group.

Court documents released this week include a statement of facts agreed to by the Crown and by defence lawyer Rod MacDonald.

MacDonald represents Robert Patrick White, one of 28 people arrested in the fall of 2014 in an operation dubbed J-Tornado by police in New Brunswick, Nova Scotia and Quebec.

Large quantities of heroin and cocaine were seized.

White initially pleaded not guilty, but later changed his plea and was sentenced this week to seven years in prison.

They thought they were getting James Bond-like high-tech, spy secrecy.- David Shipley, cybersecurity expert

Among the agreed upon facts in the sentencing document are that a police agent gained the confidence of the alleged leader of the crime group, who is identified only by the initials S.W.

The document says the agent supplied S.W. with BlackBerry phones, which were in turn distributed to associates in the criminal organization.

The cellphones had been set up by police to send PGP-encrypted messages, which could be intercepted.

PGP stands for "pretty good privacy,"says Shipley and it's actuallyan encryption software that, under normal circumstances, would be nearly impossible to break into without having the correct passphrases.

Shipley says the dealers likely thought the BlackBerry devices were extremely safe.

"They thought they were getting James Bondlike, high-tech spy secrecy," said Shipley.

"What they got was a hotline right into the police force.

"If you can have physical access to the device and can tamper with it in such a way, or you know the prestored pass keys and phrases, you can do what's known as a 'man in the middle' attack," said Shipley.

Each of the 13 devices had email addresses set up with the servercryptlock.net and if police were operating the server, they had the so-called keys to the kingdom, he said.

Shipley says the cryptlock.net domain name is currently in the hands of a reseller and the information on that owner is protected by a company registered in Panama.

While the technology sounds complicated, the job was made easy by the police agent working inside the group.

"The technology isn't the clever part here, it's the way they applied the technology and used it as part of their policing techniques," said Shipley.

Six weeks have been set aside, starting onMonday, for the Saint John trial of three men alleged to bekey figures in the J-Tornado investigation.