Geeks for the Cartels
Encrypted communications, drug deals on the web, propaganda per Facebook: The younger generation is driving the digitalisation of the Mexican drug cartels. Read More
Louis Vuitton luggage, a selfie aboard a yacht in front of a luxury hotel in Monaco: At first glance, the photo gallery of "miauuuu5_7" looks like thousands of others staging their jet-set lives on Instagram. The young man could be a model or wealthy heir. But he is a killer. Some videos depict him in full camouflage in the woods with an assault rifle, and with high-ranking members of Mexico’s powerful Sinaloa cartel.
José Rodrigo Aréchiga Gamboa, alias "miauuuu5_7", is known in Mexico as "Chino Ántrax"– the head and founder of the "Los Ántrax" killer commando. The unit carries out contract killings for the Sinaloa cartel, serves as the armed wing and troop of bodyguards for drug boss Ismael "El Mayo" Zambada García, and organises the transport of drugs and weapons. Most recently "Chino Ántrax" is supposed to have controlled the drug trade in Culiacán, the capital of the state of Sinaloa, the cradle of the Sinaloa cartel. On the Instagram photos, the assassin used Photoshop to render his face unrecognisable, but he is identifiable on most photos and videos because of the skull ring he is wearing, the logo of the Ántrax troop.
Like "Chino Ántrax", thousands of members of Mexican cartels post on social networks like Instagram, Facebook and Twitter. While the old-school drug bosses moved through the world like phantoms, there is hardly a photo to be had of El Chapo or El Mayo, their sons and sons’ friends are social-media maniacs. They show off their money, cars, drugs and weapons on social networks, and spread propaganda intended to glorify the cartels and intimidate opponents. The internet is more than just a playground for the young narco generation though. Cartels also use it to plan crimes, like kidnapping and drug deals, and the changing of the guard is stimulating criminal innovation.
Torture videos and fan pages
According to sociology professor Howard Campbell, a torture video was the beginning of the online Mexican drug war: In 2005 a YouTube film made the rounds that showed a killer interrogating and torturing four members of the Zetas. “It was the first big social media event and seemed to imitate the style of Al-Qaida”, recalls Campbell, a member of the faculty at the University of Texas in El Paso who specialises in research into the Mexican drug trade. “The phenomenon exploded and spread like wildfire – today there are thousands of similar YouTube videos and other types of social media use.”
Like terror organisations, the cartels take advantage of the viral effect of narco propaganda on the Internet: Killer commandos document murders on smartphones or professional cameras, saw the heads off opponents in front of a running camera, then post the bloody photos and videos themselves or pass them on the narcoblogs that publish material from the drug war. Before they are killed, captured rivals are often forced to confess – about whom they have kidnapped and killed, a catalogue of their crimes. “It is a kind of political statement and often about the influence of the cartel in a certain region,” Campbell explains. “The narcos want to show that they are the good guys fighting the forces of evil; that they protect society from its foes who have committed truly heinous acts.”
Like terror organisations, the cartels take advantage of the viral effect of narco propaganda on the Internet.
The head of the Knights Templar, “La Tuta”, regularly posts PR videos on YouTube that get hundreds of thousands of hits. The Sinaloa cartel used YouTube videos to document the aid it delivered to an area destroyed by a storm. They even opened an Instagram channel for a while. Innumerable Facebook fan pages celebrate the cartels. Their followers include harmless young people who glorify the narco lifestyle, but also true cartel members.But social networks like Facebook, Hi5 and MySpace are more than just a propaganda tool for the cartels: They recruit new members, from outside the Mexican border as well, use Facebook pages to talk young women into a face-to-face meeting who are later forced into prostitution, and mine the net for kidnapping victims and firms from whom protection money can be extorted.
The number of kidnappings of communications experts has risen sharply.
By now online sales complement the classic drug channels: “All the large cartels are active on the deep web and have understood the importance of Bitcoin”, says hacker Carlo Martinez, who does not wish to provide his real name because of security concerns. “The cartels use the deep web primarily for narcomenudeo, selling small quantities of drugs, but also as a showplace for large deliveries.” Traders offer their wares in drug marketplaces, like the “Silk Road” closed down by the FBI and its successors, and in hidden forums. Like one narco who put 500 kilos of marihuana up for sale. Cartel members often communicate in code, posting about “a truck full of lemons”, for example. In addition to the drug trade, the cartels also complete sensitive deals like trafficking in organs and human beings on the darknet. The criminals use the virtual currency Bitcoin to hide the transaction pathways, and encrypt their communication using PGP, Tor, or apps like Redphone.In Martinez’s view, the Mexican cartels have become “highly cyber-competent”. While many foot soldiers are young, uneducated men from rural areas, every cartel also has clever minds as well. If the IT talent pool at their disposal is not enough, experts are hired or kidnapped.
According to Mexican political magazine Proceso, the number of kidnappings of communications experts has risen sharply since 2009. Around 30 members of telecommunications companies like Networkers, Nextel and IBM have disappeared so far. In 2010, a young programmer was recruited by a company in Mexico City for an IT job – and ended up being forced to complete a project for drug boss “La Barbie”.
Talent can be bought
The Zetas, whose founding members are elite solders who broke with their former employers, the Golf cartel, in 2010, are seen as the high-tech pioneers in Mexico. As part of the massive “Project Reckoning” in 2008, the US Drug Enforcement Administration arrested more than 500 members and supporters of the Golf cartel – including Jose Luis Del Toro Estrada, an IT expert who kept a very low profile. He had no priors, weapons or drugs and ran a small store in McAllen Texas in which he sold technical equipment like walkie talkies as his cover. Del Toro Estrada had worked for the Zetas, then still the armed wing of the Golf cartel, since 2004. He designed a shadow communications and surveillance network that stretched across all of Mexico. He also employed a team of IT specialist to research and develops new tools for the cartel. Del Toro Estrada’s nickname: "El Técnico", the engineer.
According to reports from the Mexican Office of the Public Prosecutor, the Zetas also employ communication experts who monitor government security forces and rivals using a shadow surveillance system and evaluate information mined from blogs, Facebook and Twitter. For special projects they hire corrupt members of the Mexican Special Forces Airmobile Group, GAFE, reports hacker Carlo Martinez. “The drugs trade is the financial muscle that attracts the talent”, Martinez claims. “Recruits can easily earn one million pesos in just two days” – which translates to around 60,000 euros.
The Zetas have also supposedly been responsible for murdering bloggers. But Francesca Bosco, cybercrime expert for the United Nation’s Interregional Crime and Justice Research Center UNICRI, notes that criminals do not necessarily need to be IT experts to locate disagreeable critics or rivals. “Simple hacker tools can be easily bought on the Internet black market or simply downloaded and used with little experience needed.”
The five members of the cyberpolice
The Mexican government is also entering the digital arms race, monitoring social networks, smuggling undercover agents into the darknet. The Mexican secret service CISEN recruits talented hackers as students and trains them for its own purposes – around 30 to 40 IT experts currently hack for the state. In contrast the Mexican cyberpolice is just five hackers strong. They focus on human trafficking and child pornography, by combing through Facebook groups for example.
They are complemented by local IT units in some states – though they are often small or overwhelmed, or working for the cartel themselves. In Gómez Palacio in the state of Durango, the Cártel del Poniente controlled the C4 Unit, the police intelligence and command center, until around the end of January 2013, as reported by an informant to Proceso magazine.Digital show offs like killer "Chino Ántrax" who brag on social networks are a boon for investigators.
Digital show offs like killer "Chino Ántrax" who brag on social networks are a boon for investigators. He left a digital trail that led to his capture: In December 2013, Ántrax was arrested at the Amsterdam airport travelling under the pseudonym Norberto Sicairos García. He was, as always, wearing his skull ring. In the US border city San Diego the "Ántrax" troop is now standing trial. Hacker Martinez still believes that the government is playing catch-up and still does not have enough cyber skills: “Unfortunately the dark side is still way ahead of the game in Mexico.”