Government argues sophisticated encryption operation underway, but it’s actually a technology much more simple than that

Despite early reports that a sophisticated encryption operation was used to help terrorists cover their tracks leading up to the Paris attacks last November, new evidence suggest the ISIS-sponsored group went with a much more simple approach: burner phones.

For those unfamiliar, burner phones are smartphone devices that can be purchased with a prepaid amount of minutes and data to them. When they’re used up, new minutes / data can be purchased, or the device is simply discarded. Due to their vast availability, these devices are next-to-impossible to track. 

An article in the New York Times reports: "the three teams in Paris were comparatively disciplined. They used only new phones that they would then discard, including several activated minutes before the attacks, or phones seized from their victims." It goes on to explain in greater detail how some phones were used very briefly in the hours leading up to the attacks. "Security camera footage showed Bilal Hadfi, the youngest of the assailants, as he paced outside the stadium, talking on a cellphone. The phone was activated less than an hour before he detonated his vest."

This new information comes from a report put together by antiterrorism police for France’s Interior Ministry. It also details how investigators found a Samsung phone in a dustbin outside the Bataclan theater. "It had a Belgian SIM card that had been in use only since the day before the attack,” the report reads. “The phone had called just one other number — belonging to an unidentified user in Belgium."

As police began to compile evidence and make sense of the movement of the attackers, additional burner phones were found: "Everywhere they went, the attackers left behind their throwaway phones, including in Bobigny, at a villa rented in the name of Ibrahim Abdeslam. When the brigade charged with sweeping the location arrived, it found two unused cellphones still inside their boxes." At another location used by one of the terrorists, the police found dozens of unused burner phones ‘still in their wrappers’."

Perhaps most surprising about the discovery of all these phones is that not a single email or online chat discussion was found on them. This appears to confirm the theory that the terrorists were aware of the fact that these communications were routinely being monitored by intelligence agencies. So, rather than risk discovery by  putting into place some sort of encryption program which, itself would draw attention to their accounts, they simply stopped using the Internet as a communication channel, and instead relied on standard cell network calls via burner phones.

Now, this is worth pointing out from a communications standpoint because (a) it proved to be a successful method for communicating and (b) many governments, including the US, UK, and others, are pushing forward policies meant to weaken encryption; specifically, the claim is that strong encryption creates a “safe space” for terrorists. Based on this new evidence, it appears as though encryption actually played little to no part in the Paris terrorist attacks. 

Via arstechnica, NY Times