The Swiss VPN service provider, Perfect Privacy, was the victim of a raid by Dutch authorities. According to the company, they had not been contacted by authorities and did not know that they were the subject of an investigation. This raid is just the latest in what would appear to be a cyber-crime related crackdown, however, recent cases by Dutch police show a pattern of raiding encryption and other online anonymity services.
The raid occurred on August 24, but the company was not set back for long. Their servers are hosted by 13D hosting out of Rotterdam and were replaced within 24 hours.
According to the company, “Since we are not logging any data there is currently no reason to believe that any user data was compromised.” The company did not know the reason for the seizure and were puzzled as there is no data logged. No data logged means nothing for the police to find.
“The Dutch police still did not contact us and we have no idea why the servers have been seized. The seizure is also pretty pointless because we obviously do not log, so there is nothing to find on theses servers. We did however rebuild all cryptographic keys for the Rotterdam location, just in case they tried a cold boot attack on the running system to extract keys. But this attack is very unlikely, the police took the system nearly 12 hours after it was disconnected from the internet. Thanks to the good cooperation with our hoster I3d new servers were up and running in less than 18 hour,” the company’s statement read.
Dutch police have been overly aggressive when it comes to battling cyber-crime, particularly in the area of privacy and encryption companies. Many hackers utilize Dutch servers due to their overwhelming speed and reliability, thus many alleged cyber-crimes are funneled through Amsterdam’s main hub. This leaves the responsibility of investigating these crimes to Dutch police. In April of this year, Dutch police arrested a man stating that he “provided criminals with customized smartphones and accompanying communication services.” The company, Ennetcom, sold smartphones with legal encryption software that could only send emails. It would appear that going after encryption and privacy related tech companies are their idea of protecting us from ourselves.
No statement has been released from Dutch authorities as to what they were looking for, or whether or not this was an attempt to simply disrupt a service.
This article (Dutch Police Seize Servers of Swiss VPN Perfect Privacy) is a free and open source. You have permission to republish this article under a Creative Commons license with attribution to the author Alek Hidell and AnonHQ.com.