Sunday, 1 August 2021

ABBA KYARI - LEARNING INTELLIGENCE/TECH INVESTIGATION

Deputy Commissioner of Police (DCP) Abba Kyari is an acclaimed “super cop” and the head of the Inspector General of Police (IGP) Intelligence Response Unit (IRT). As the “top dog” of the Nigeria Police Force intelligence unit, one would have expected Kyari to be more circumspect or cybersecurity cautious while dealing with Ramon Olorunwa Abbas aka Huspuppi who is now a self-confessed cybercriminal. Kyari did not bother to ensure that his conversations with Huspuppi were done via encrypted channels or platforms using Whatsapp or Signal calls. A Whatsapp or Signal call to another user of Whatsapp or Signal is end-to-end encrypted, meaning that the call cannot be accessed either by Whatsapp, Signal or a third party. If Kyari and Huspuppi had communicated via Whatsapp or Signal calls, the FBI would not have found the damning evidence linking Kyari with Huspuppi’s scams, even after the arrest and search of Huspuppi’s phones. At the best, call logs from either Whatsapp or Signal, would have shown that the two communicated but the contents of the communication would not have been known.

This lack of basic cybersecurity practice or seemingly tech incompetence might be a pointer to the fact the IRT is not so intelligent when it comes to the application of ICT for the investigation of crimes. If this is not so, how then can one explain this “slip” or “falling of hand” by the “top dog” of the IGP IRT? Or could it be that Kyari thought that Hushpuppi would never be caught and his devices accessed thus revealing his (Kyari’s) alleged criminal links with Huspuppi?

To be fair to Kyari, he is not the first top security official to exhibit a lack of basic cybersecurity knowledge or to fall from the top, due to tech goofs. David Howell Petraeus is a retired US Army General and public official. He served as Director of Central Intelligence Agency (CIA) from September 6, 2011, until his resignation on November 9, 2012. Before he assumed the directorship of the CIA, Petraeus served 37 years in the US Army.

The retired four-star General was forced to resign as CIA Director when an extramarital affair with his biographer; Broadwell, was revealed by their incriminating Gmail exchanges.

 According to Bianca Bosker:

“The extramarital affair between former CIA Director David Petraeus and his biographer, Paula Broadwell, which was revealed by their incriminating Gmail exchanges, could easily have gone undetected had Petraeus and his paramour followed two simple spy tricks that date back millenia: Write in code and destroy the message after you read it. It sounds simple, and it is. That's why it's disturbing and worth noting that the man in charge of all covert intelligence operations for the United States couldn't manage to keep a secret about his personal life.”

The Wall Street Journal, reported that Petraeus and Broadwell used pseudonyms to set up separate Gmail accounts which they used to communicate in secret. Their trove of "sexually explicit emails" was discovered only by accident after Jill Kelley, an acquaintance of Petraeus, complained that she was receiving threatening emails, which led FBI investigators to Broadwell's account and, in turn, to her X-rated messages detailing the affair.

The Journal explains:

“FBI agents and federal prosecutors used the information as probable cause to seek a warrant to monitor Ms Broadwell's email accounts. They learned that Ms Broadwell and Mr Petraeus had set up private Gmail accounts to use for their communications, which included explicit details of a sexual nature, according to U.S. officials. But because Mr Petraeus used a pseudonym, agents doing the monitoring didn't immediately uncover that he was the one communicating with Ms Broadwell.”

Creating separate accounts dedicated to illicit communication was a good move, noted Graham Cluley, a senior technology consultant at Sophos, a provider of security software.

Petraeus and Broadwell made the mistake of saving their emails, rather than erasing them right away. And Cluley said they also should have communicated in code using freely available online encryption services.

As the head of the CIA, Petraeus ought to have known better that the method of communication with Broadwell was not secure. In this age of ICT, the head of an intelligence agency must also be cybersecurity intelligent.

Also read: Here's How The FBI Nailed Paula Broadwell For Harassing Jill Kelley In The Petraeus Sex Scandal  

POSTSCRIPT: The FBI says that they are investigating the Hushpuppi case as part of “Operation Top Dog.” Top dog means a "person who is successful or dominant in their field." For example; “Hushpuppi was a top dog in the cybercrime world.”

Below is an excerpt from the Criminal Complaint filed in the United States District Court for the Central District of California in the case of the United States of America v. RAMON OLORUNWA ABBAS, ABBA KYARI & Ors which discloses the allegations against Abba Kyari

AFTER CONSULTING WITH JUMA, ABBAS ARRANGED TO HAVE ABBA KYARI IMPRISON CHIBUZO IN NIGERIA IN RETALIATION FOR, AND TO PREVENT HIM FROM, TRYING TO CO-OPT THE VICTIM BUSINESSPERSON

 129. As discussed in paragraph 120, JUMA and ABBAS had a falling out with CHIBUZO after CHIBUZO felt that he was being underpaid (or had not been paid) for work on the fake Wells Fargo website, and then contacted the Victim Business person directly. ABBAS then arranged to have KYARI arrest and imprison CHIBUZO in Nigeria for attempting to redirect fraudulent proceeds intended for ABBAS and JUMA to himself, to keep CHIBUZO from interfering with the scheme. This section discusses those events and KYARI’s involvement in the conspiracy.

 

130. On January l3, 2020, the Victim Businessperson contacted JUMA about a person who had contacted the Victim Businessperson about the loan, stating “This number is calling me but I didn’t answer.” The Victim Businessperson also provided JUMA a screenshot of and forwarded additional conversations between the Victim Businessperson and CHIBUZO, who was using the U.S. phone number 3054405586. That phone number was the same phone number used by CHIBUZO to send ABBAS information about the fake Wells Fargo website described earlier. In the messages, CHIBUZO sent the Victim Businessperson’s passport, and claimed to be “trying to help” the Victim Businessperson.

 

131. JUMA forwarded these messages from the Victim Businessperson to

ABBAS, who responded, “I will deal with him.” At approximately the same time, ABBAS asked CHIBUZO for a phone number on which to call him. Two minutes later, ABBAS sent the phone number on which he contacted CHIBUZO (which CHIBUZO had previously also sent to ABBAS) to KYARI without providing any additional context. Just before forwarding the phone number to KYARI, ABBAS placed a nearly five-minute call to KYARI, using the phone number described in paragraph 136.

 

132. A short time later, ABBAS told JUMA, “setting him up already [1]] He will learn.” JUMA replied, “He almost messed it up bro,” to which ABBAS responded, “They are working on it already.”

 

133. Approximately an hour later, CHIBUZO responded to ABBAS’ message requesting his phone number by providing another phone number. ABBAS also sent this number to KYARI without providing any additional context in the message.

 

134. On January l5, 2020, this time using WhatsApp, ABBAS sent an audio recording to KYARI, stating, essentially, that he wanted to remind KYARI about what they discussed earlier.

 

135. On January 16, 2020, ABBAS sent the following threats to CHIBUZO: I dey always tell people to think well before they offend me and make them make sure they fit stand the consequences when the time comes. I won’t say more than that but very soon, very very soon, the wrath of my hands shall find you and when it does, it will damage you forever At this point I no get discussion with you, u have committed a crime that won’t be forgiven, that is punishable and you shall receive die punishment in due time I swear with my life you will regret messing with me, you will even wish you died before my hands will touch you.

 

136. Also on January 16, 2020, ABBAS sent a message to KYARI on WhatsApp, and then placed five calls to another phone number (+2348060733588) that was listed as “ABBA KYARI.” Call records show that the last three of the calls were answered and that one ofthe calls lasted more than two minutes. Shortly after that, ABBAS received a message from KYARI, confirming “We would pick him today or tomorrow.” ABBAS wrote, “I will take care of the team also after they pick him up.” KYARI confirmed “Yes ooo.”

 

a. Based on the conversation described in paragraphs 143 to 145, ABBAS planned to pay the Nigeria Police Force officers who arrested CHIBUZO for that service.

b. This was not the only time that ABBAS arranged payments with KYARI. On May 20, 2020, ABBAS sent KYARI transaction receipts for two transactions from accounts at Nigerian banks (GTBank and Zenith Bank) of a person ABBAS knew in the U.A.E.—a person also arrested with ABBAS in ABBAS’ apartment in the U.A.E. by Dubai Police on June 9, 2020—to the Nigerian bank accounts of another person in Nigeria. The amounts on the transaction receipts totalled 8 million Nigerian Naira, which was approximately $20,600 based on publicly available exchange rate information.

 

137. Attempting to reason with ABBAS, on January 18, 2020, CHIBUZO recounted for ABBAS all the assistance he had provided in the scheme to victimize the Victim Businessperson, including creating the “power of attorney” document (paragraphs 67-68), devising a story to tell the Victim Businessperson (paragraph 117), and facilitating the creation of the “telephone banking” number (paragraphs 109-116) and fake Wells Fargo website (paragraph 117).

 

138. As discussed in paragraph 32.b, on January 20, 2020, KYARI sent to ABBAS biographical, identifying information for CHIBUZO, along with a photograph of him. In a conversation immediately following, ABBAS confirmed “that is him sir.” KYARI stated, “We have arrested the guy . . . He is in my Cell now [II] This is his picture after we arrested him today.” (The below image is a cropped version of the photograph that KYARI sent to ABBAS.)

 

139. KYARI sent the biographical information about, and photograph of, CHIBUZO to ABBAS using two different WhatsApp numbers—the second of which KYARI said was his “private number.” From that point on, KYARI and ABBAS primarily discussed the arrest and detention of KYARI through WhatsApp on this “private number.”

 

140. After receiving the photograph of CHIBUZO, ABBAS stated, “I want him to go through serious beating of his life.” KYARI responded, “Hahahaha,” and ABBAS replied, “Seriously sir.” KYARI then asked for details about what CHIBUZO did “on audio,” which KYARI said was “So that we will know what to do.”

 

141. In response to KYARI’s question about what CHIBUZO had done to ABBAS, ABBAS sent KYARI an audio message, which is transcribed here, describing how CHIBUZO had tried to steal away a fraud victim (i.e., “the job”) from him:

What he did is, I have one job. The job want to pay me 500, umm, 75,000 dollars [i.e., $575,000]. He went to message the job behind me because I told him to help me make one document for me to give the job. Then he went—he has a—I gave him the details. Then he went to message the job behind my back and try to divert the money and in this process he tell the job because of the documents he gave me that I gave the job, he tell the job, “These document they sent to you before. These people are fake. This money—is me who can help you to get it. Come to me le—bring this money you want to pay these people to me. I’m the only one who can help you,” and all these things to divert the job for himself.

 

142. After listening to the message, KYARI wrote, “Ok I understand [1]]

But he has not succeeded.” ABBAS claimed CHIBUZO had taken some money, and provided KYARI with two screenshots, one of which contained the phone number 3054405586 (the phone number CHIBUZO used to contact the Victim Businessperson). The screenshots showed a person contacting the Victim Businessperson and stating that he was providing information to try to “help[]” the Victim Businessperson. KYARI responded, “Yeah I understand.” KYARI did not request other information or evidence relating to CHIBUZO’s role in the scheme, ask questions about the nature of the transaction, or ask about why CHIBUZO told the Victim Businessperson that ABBAS was “fake.”

 

143. ABBAS then told KYARI, “Now the [Victim Businessperson] was skeptic to pay me the money cos he keep attacking the [Victim Businessperson] from his end. Now I can handle the [Victim Businessperson] correctly.” ABBAS further told KYARI that he wanted to pay money to send CHIBUZO to jail for a long time, stating “Please sir I want to spend money to send this boy to jail, let him go for a very long time.” KYARI responded, “Ok bro [1]] I understand [1]] I will discuss with my team who arrested him . . . And handling the case [1]] We will do something about it.”

 

144. ABBAS responded, “Let me know how I can send money to the team sir[.] let them deal with him like armed robber.” KYARI responded, “OK I will send their account details to u.” ABBAS further wrote, “He betray me and try to take food out my mouth, this is great punishable sin,” and KYARI responded, “Yeah bro.” ABBAS then continued, “I want him to suffer for many years.” KYARI responded, “Hahahaha [1]] Hahahaha.”

 

145. Approximately six minutes later, KYARI provided the account information for a bank account at a Nigerian bank, Zenith Bank, in the name of a person other than KYARI himself. ABBAS responded “Ok sir, tomorrow by noon,” indicating that he would make the payment to KYARI’s team by the next day.

 

146. On the same day, ABBAS sent JUMA the photograph of CHIBUZO in custody, which KYARI had sent.

 

147. Approximately a month later, on February 19, 2020, KYARI sent a message to ABBAS, saying, “Hello hush with [sic] need to talk about the subject under detention with me.” ABBAS asked “Should I call u on this number sir?” to which KYARI replied “Yes call me.”

 

148. The following day, KYARI sent ABBAS multiple photographs of CHIBUZO to ABBAS, including close-up photographs showing a rash or skin disease on CHIBUZO’s torso and arms. ABBAS responded, “I don pity am, make them leave am from Tuesday.” KYARI wrote, “Ok bro, they just brought him from hospital. The fever and the rashes is giving him serious Wahala [1]] He got the disease from other suspects in the cell.” ABBAS responded, “I see am, I no too pity am [1]] That’s what people like him deserve but I go forgive am for God sake.” In other words, based on my training and experience with Nigerian Pidgin, ABBAS was essentially stating, in part, “I don’t pity him. That’s what people like him deserve, but I will forgive him for God’s sake.”

 

a. Based on the date of the messages and later discussion described in paragraph 150, ABBAS was—on Thursday, February 20, 2020— requesting that KYARI not to release CHIBUZO until Tuesday, February 25, 2020.

 

149. ABBAS then told KYARI that CHIBUZO’s girlfriend messaged him, trying to raise one million Naira to secure CHIBUZO’s release, and said ABBAS promised to contribute 100,000 Naira. KYARI stated “They were thinking it’s normal arrest that is why they think money can remove him . . . No money can remove him here [1]] Hahahaha.” ABBAS added, “But it’s better for them to think that way, I like it like that,” and KYARI responded, “Yeah.”

 

150. ABBAS then said, “No problem sir from Tuesday he can go,” apparently giving KYARI his blessing to release CHIBUZO from custody. KYARI responded, “Ok bro [1]] We will also keep his phone and other gadgets for some weeks.” ABBAS responded, “Yes those ones they should not give him again, those ones are gone . . . Make he no see those ones again for life,” instructing KYARI not to return CHIBUZO’s electronic devices. KYARI responded, “Yes he will not see it [1]] Again,” indicating that he would accede to ABBAS’ request.


No comments:

Post a Comment