Security

Cyber-crime

'Corrupt' cop jailed for tipping off pal to EncroChat dragnet

Taking selfie with 'official sensitive' doc wasn't smartest idea, either


A British court has sentenced a "corrupt" police analyst to almost four years behind bars for tipping off a friend that officers had compromised the EncroChat encrypted messaging app network.

Natalie Mottram, 25, of Warrington, England, was sent down for three years and nine months on Friday at Liverpool Crown Court. She previously worked for Cheshire Police, most recently as an intelligence analyst for the North West Regional Organised Crime Unit. She was arrested by the UK National Crime Agency (NCA) on June 12, 2020.

In August this year, Mottram pleaded guilty to misconduct in public office, perverting the course of justice, and unauthorized access to computer material.

Bent ... Natalie Mottram's mugshot. Source: Crown Prosecution Service

Mottram was collared as part of Operation Venetic, the NCA's codename for the EncroChat takedown. According to the cops, their secret infiltration of the supposedly impregnable chat app, allowing officers to silently read crooks' private messages and probe criminal dealings, has led to action against many of its more than 60,000 users.

There is no place for corrupt officers in UK law enforcement and it was vital that this investigation uncovered her betrayal

"Operation Venetic is a once in a generation investigation which has made a huge contribution to public protection," said John McKeon, head of the NCA's anti-corruption unit, in a statement. "There is no place for corrupt officers in UK law enforcement and it was vital that this investigation uncovered her betrayal."

In 2020, police in France and the Netherlands led the effort to compromise the communications service. Once they'd busted into the network's servers, cops used that access to collect conversations and other data from EncroChat handsets and use this information to make arrests, with the NCA doing the legwork in the UK.

To date, British law enforcement has arrested 3,147 suspects and convicted 1,240 of those based on intel harvested from EncroChat, according to the Crown Prosecution Service (CPS).

The operation also led to lawsuits arguing the dragnet surveillance of the chat network violated European and UK laws, and that evidence wasn't obtained legally.

We've got a leak

Soon after British police got in on the EncroChat spying action, they realized they had a security problem of their own.

According to the NCA, Mottram told Jonathan Kay, 39, the police were monitoring people's encrypted EncroChat conversations, and tipped him off that the cops had intel on him presumably from his use of the app.

Then in April 2020, according to the plod, a friend of Kay's pinged another EncroChat user to warn them that the app was under surveillance. Kay's friend also, we're told, tipped off a second contact, messaging:

I no [sic] a lady who works for the police. This is not hearsay. Direct to me. They can access Encro software. And are using to intercept forearms [sic] only at the moment. There [sic] software runs 48 hours behind real time. So have ur burns one day max. And try to avoid giving postcodes over it.

"Burns" refers to the delete-time on messages. The friend continued:

Her words was are you on Encro, I said no why, I only sell a bit of bud. She said cool just giving you heads up. Because NCA now have access. But she wouldn't lie.

In June 2020, investigators suspected Mottram has been alerting people to the covert monitoring of EncroChat, so they placed her under surveillance and asked her to analyze intelligence that mentioned Kay, who was also the boyfriend of Mottram's friend, Leah Bennett, 38. Crucially, the intel had been fabricated by officers to snare Mottram.

The NCA said Mottram, Kay, and Bennett "had grown close a few years before over a shared love of exercise." 

We're told Mottram drove to Kay and Bennett's house to warn them about the police file on Kay – which as we know, and she didn't, was deliberately bogus. Mottram, Kay, Bennett, and another were all later arrested that month.

Additionally, the plod seized £200,000 in cash from Kay and Bennett's house.

Kay, who earlier admitted perverting the course of justice, was jailed for 30 months on Friday. A similar charge was dropped against Bennett.

In addition to warning her friends that they were about to be scooped up in the EncroChat surveillance, evidence presented by the prosecution at trial showed Mottram bought weed from a dealer whose phone number was saved in her mobile phone. She also told Bennett about a murder file she had seen on her boss's desk, and took selfies with her work computer visible and showing an "official sensitive" document. ®

Send us news
62 Comments

European Court of Human Rights declares backdoored encryption is illegal

Surprising third-act twist as Russian case means more freedom for all

FBI: Give us warrantless Section 702 snooping powers – or China wins

Never mind the court orders obtained to thwart Volt Typhoon botnet

The spyware business is booming despite government crackdowns

'Almost zero data being shared across the industry on this particular threat,' we're told

Cutting kids off from the dark web – the solution can only ever be social

Expert weighs in after Brianna Ghey murder amid worrying rates of child cybercrime

Zeus, IcedID malware kingpin faces 40 years in slammer

Nearly a decade on the FBI’s Cyber Most Wanted List after getting banks to empty vics' accounts

LockBit leaks expose nearly 200 affiliates and bespoke data-stealing malware

Operation Cronos's 'partners' continue to trickle the criminal empire's secrets

Exploiting the latest max-severity ConnectWise bug is 'embarrassingly easy'

Urgent patching advised to protect attacks against setup wizards

Ukrainian police arrest father and son in suspected LockBit affiliate double act

If they did it, it gives new meaning to quality family time. Meanwhile, key LockBit leaders remain at large

Orgs are having a major identity crisis while crims reap the rewards

Hacking your way in is so 2022 – logging in is much easier

Cops turn LockBit ransomware gang's countdown timers against them

Authorities dismantle cybercrime royalty by making mockery of their leak site

Insider steals 79,000 email addresses at work to promote own business

After saying they're very sorry, they escape with a slap on the wrist

LockBit ransomware gang disrupted by global operation

Website has been seized and replaced with law enforcement logos from eleven nations