With the second seizure of a large-scale radio system belonging to Mexico’s Zetas, it’s clear that the group has established its own, independent telecommunications networks. But it’s also clear that it is a long way from perfecting them.
Judging by the recent haul of telecommunications equipment in the northeast, and another in Veracruz in September, the Zetas had the beginnings of an interesting system. In these and previous take-downs, the capabilities for a completely independent wireless communications network were in place: antennae, repeaters, power sources (including solar panels), laptop computers, and both cellular and radio handsets.
Notable in the most recent seizure were 354 Nextel radio phones — a higher radio take than in previous busts. The seized Nextel radios work on Nextel’s Conexion Directa network, a digital two-way radio “push-to-talk” cellular service that allows for free private calling with selected users. This service is difficult to hack, yet functions much like a police or taxi dispatcher. Up to 100 users can be connected free of charge, with capabilities extending even to cross-border calling. Anything less secure would put the group in an odd situation, i.e., worried about getting hacked itself.
However, it’s also clear from the seizures that the Zetas may not have the firmest grasp of the technology just yet.
Given the transmitter equipment being seized by the Mexican military, for example, it is obvious that the Zetas cartel has also been buying commercial-grade telecommunications gear and establishing their own open-band transmission system with basic encryption — completely independent of Nextel’s licensed spectrum.
Even with software-based security protocols bolted on to the system, it is likely that the Zetas are exposing themselves to “man-in-the-middle” eavesdropping by Mexican authorities. From a purely technological perspective, this would be difficult to do on the Nextel system, as cellular networks — and certainly Motorola’s iDEN technology, which Nextel uses — have rigorous security features, but it would be considerably easier in the unlicensed “white space” used for basic radio.
That said, the way around wireless encryption isn’t to hack it — that’s just too hard — but to know it, usually through what is called “social engineering,” which is essentially having access to human information. In the case of wireless technology, this means knowing the standard practices of technicians and thus creating the necessary safeguards to thwart break-ins.
Think of it like the encrypted Wi-Fi networks, which have solid technology but can still be hacked – if you have the right information. According to security experts contacted by InSight Crime, this is a common problem for all countries in Latin America, because usually it is the Internet Service Providers (ISPs) who are responsible for configuring the routers and access points of their users, and they often repeat practices. In other words: they manage from predefined configurations, including passwords, allowing criminals to hack routers of a given type, potentially compromising others using the same ISP.
Now apply this to cellular networks. Given that Mexican authorities might have access to Nextel’s system, or simply know how to hack it based on an understanding of industry protocol, we should expect that the Zetas’ next move will be to set up a self-encrypted, autonomous communications network, even though the technology itself might be less robust. With that, they will most likely reach their target of a fully-functioning, independent comms network, if they haven’t already.
Tim Wilson is a Canadian journalist with a special interest in Mexico and Central America. His blog can be found at La politica es la politica.