For Mexican gangs, cybercrime is a boon far less dangerous than their usual pursuits. Young computer science graduates pay the price.
The criminal world is developing a certain interest in cyber: in Italy the mafia is interested in hackers, as are the Japanese Yakuza. But none of these organizations has a strike force comparable to that of the Mexican cartels. They have veritable small armies of sicarios (thugs), and their territories extend over entire swaths of Mexico. Above all, their funds reach a colossal size. According to American studies, the cartels would represent almost a third of the gross domestic product (GDP) of Mexico. Since the 2010s, cartel leaders have been interested in the possible advantages that cyber branches could bring. If at the beginning they only intended to use hackers to protect themselves from DEA spyware, their vision changed drastically when they came into contact with cybercriminals. Cartel bosses now understand the full potential of cybercrime.
Potentially large, risk-free profits
The profits that can be generated by an army of cybercriminals has whetted the appetite of the cartels: theft of data allowing to know the next operations of the Mexican Marina against them, sensitive data aimed at blackmailing politicians, ransomware to gain money and especially cryptocurrency to protect their fortune. And all this without running the usual risks of the trade…
Indeed, the cartels are under strong pressure in Mexico. To begin with, the war waged on them by the government with the support of the American DEA leads to several thousand deaths a year and real scenes of urban guerrilla warfare. The inter-cartel war brings assassination threats to all cartel leaders and their men. And finally, the war against self-defense groups, groups of Mexican peasants formed into a militia, which alone are responsible, for example, for the fall of the Templar cartel in 2017. In contrast to this lackluster picture, the Cybercrime is a walk in the park for cartels. But they lack the manpower to open their “franchise” of cybercriminals. Then there is the question of recruitment.
To recruit, the cartels go through two channels. Either they accost young hackers spotted on the internet for petty theft and offer them a good salary, or they look for their future “employees” at the end of computer science faculties and pretend to be completely legal companies. But very quickly, the new recruits are confronted with the grim reality of the cartel world. Some organizations do not hesitate to sequester them. The sequestration also aims to protect the cartel, the leaders doubting the resistance of these “nerds” in the face of the muscular interrogations of the Marina or the police. The young hackers also discover that by engaging in a cartel, they tattoo a target on their backs. They become prime targets for the Mexican authorities. Moreover, the other cartels do not hesitate to bring them down on the grounds of their belonging to a competing organization. Not to mention that any suspicion of betrayal on their part against their employer means a violent death.
Rather stormy relations between hackers and narcos
The unorthodox recruitment methods of the cartels coupled with the dangerousness of the profession pushes some young hackers to rebellion and therefore to betrayal. This was the case of Fernando Ernesto Villegas Alvarez nicknamed “El guero”, a young computer scientist approached by a certain Moisé Arturo Zárate. The latter offers “El guero” to work for a computer consulting company in the city of Acapulco. “El guero” accepted the offer. Arriving there, the young computer scientist quickly realized that he was not working for a company but for the cartel of the Beltrán Leyva brothers. The young man did try to negotiate a breach of contract, but his new employers kindly explained to him that when you become a member of a cartel, it’s for life. He then found himself having to analyze the computer of a man nicknamed “The Barbie”, whose real name was Edgar Valdez Villarreal, one of the key members of the cartel. These daily scans are designed to detect spyware that the DEA might install. “El guero” became the cyber bodyguard of “La Barbie”.
Eventually, the young computer scientist ends up being captured along with other cartel members during a federal police raid in Acapulco. He was interrogated by the police who incarcerated him in a prison in Mexico City. A month later, his boss “La Barbie” was in turn arrested. The young hacker attempted to prove his innocence but was ultimately convicted of being part of a cartel. In addition, members of his cartel suspected him of treason and leading the police to “La Barbie”.
Another hacker will also fail his employers. His name has been anonymized following this case and he lives under a new identity. He worked for Dámaso López Nuñez alias “El Licenciado”, the provisional leader of the Sinaloa Cartel, the most powerful cartel in Mexico, which was headed by the famous “El Chapo” Joaquim Guzmann. After the arrest of “El Chapo” in 2016, “El Licenciado” took over the reins. The new boss hired a hacker to protect himself from spyware. But the latter, probably dissatisfied with his working conditions, decided to collaborate with the Mexican federal police in exchange for a new identity and an amnesty. He provided them with recent photos of “El Licenciado”, and above all installed spyware in the drug baron’s phone. Thanks to all these elements the police were able to arrest the new leader of the Sinaloa Cartel.
If these incidents with hackers have tarnished the image that narcos have of cybercrime, this has not been enough to moderate their desire to establish themselves in this universe. They continue to massively recruit hackers to park them, and have even created hacker farms. Mexican cartels therefore continue to diversify into cyber.