In the wake of hacking group Anonymous' threats against the Zetas, analyst James Bosworth looks at the wider issue of cyber activists targeting Mexico's criminal groups.
Numerous media are covering the Anonymous vs. Zetas fight. There are conflicting messages about the validity of the operation, whether Anonymous as a group is backing it and whether anything will occur this Saturday when they are expected to release the names of Zeta collaborators. It's not even clear who was kidnapped, as the original video claims, and whether that person was released. For those who want the most recent news, Stratfor has done a good job covering the issue (some of their analysis overlaps with mine) and the NYT's Damien Cave has been all over the story on his Twitter account.
Without getting into the gritty details about the current event, I wanted to provide some strategic thoughts that look beyond the specifics of this weekend to the general cyber-activist vs cartel situation.
This is primarily a fight over transparency and media. Mexico's transnational criminal organizations (TCOs) target media outlets of all types to control the information flow in the country. They shoot journalists, throw explosives at television stations and hang bloggers off bridges all for the same reason: They are opposed to media outlets exposing their activities. On the other side, the cyber-culture is one that takes joy in exposing the secrets of closed organizations, whether governments, corporations or criminals (though they take great offense at those who would expose their supposedly anonymous identities and personal information). The cartel wish to suppress media clashes directly with the cyber-culture attempts to push organizations towards transparency. That clash is the basic ideology behind this fight.
Hackers are going to attack Mexico's criminal organizations. Whether or not significant operations occur against the Zetas in the coming days, this style of operation is going to occur at points during the coming years. It doesn't take a group of thousands or even hundreds to try to hack into TCO secrets. A small group of 6-12 people could easily start hacking into government police databases or try to get into TCO emails to post them online. The attacks may eventually come from big 'A' Anonymous the group or 'little 'a' anonymous hackers not affiliated with the international organization. It is nearly certain that small groups of hackers are going to turn their sites on Mexico's criminal organizations and expose information about them. To a more limited level, the criminal organizations will increase their own cyber capabilities to do damage to each other and the government.
Hackers can do damage, but criminal targets are limited. In the cyber domain, the Zetas and other Mexican criminal organizations are much lower tech than governments or corporations. The don't control big servers containing significant data that can be hacked. They don't have critical infrastructure such as electrical grids or heavy machinery that could be vulnerable in a cyber attack. They aren't particularly concerned about protecting their intellectual property. They don't even keep most of their secrets online. So while there are certainly targets for the hackers to hit (emails, police records, financial data, propaganda), it's not the same as attacking a government or corporation. That said, I think hackers may be able to damage TCOs if they can figure out how to exploit the financial info they can obtain.
The Mexican government, local officials and businesses are going to get caught in the cyber crossfire. The biggest source of data is going to come not from cartel servers but from government and private sector servers that are hacked by people looking for information. Further, companies may see data exposed online as people try to link them to corruption or cartel operations. Local government officials and police may see themselves accused (accurately or not) of being on the payroll of the criminals based on information posted online. Both corporations and the government should be considering how they will be vulnerable if this conflict between hackers and TCOs escalates online.
The Zetas and other criminal groups have some limited counter-offensive capabilities in the cyber domain. The Zetas have a small group of individuals who are online attempting to track down the hackers who are going after them. They are also employing their offline networks to track down people using cybercafes and university computer labs to post information about their criminal activities. The Mexican criminal capabilities online are nowhere near as sophisticated as those of the best hackers in Anonymous or the cybercriminal groups in Brazil or Eastern Europe or various governments. Nobody should pretend the Mexican criminal organizations are that capable online. But even some limited skills online may help them turn up local hacker identities, putting those people at risk.
Many Mexican hackers are worried about the "Anonymous" video. Mexico's cyber culture has avoided calling out specific enemies up until this point. The video targeting the Zetas does not represent all of those participating in Mexico's online community. Many cyber-activists and hackers are concerned that by having someone call out the Zetas specifically, they have placed a target on all computer-savvy activists who may be involved in spreading information about Mexico's criminal conflict.
Anyone can be anonymous; Anonymous isn't unified. The reason for the conflicting messages over the past week is that anyone can declare themselves a member of Anonymous and there is no leadership within the group that decides whether statements made in the name of Anonymous actually represent the group. This is both a big strength of the group and a big weakness. It's a strength because anyone can anonymously join and participate in operations. It's a weakness when there are divisions over strategy and message among those who have declared themselves to be Anonymous. With that in mind, it explains why a number of Mexican hackers who consider themselves members of Anonymous disagree with the current operation while others continue to push forward.
Mexico's criminal groups face a challenge from non-Mexican hackers. The cyber domain is one where geography is much less of a factor (though not a non-issue as some claim). This means hackers in the US, Europe or elsewhere in Latin America can go after the Zetas and other groups from the safety of their homes. While analysts often portray the transnational criminal groups as being able to cross borders with impunity, that generally refers to illicit trafficking operations more than their violence. The Zetas aren't going to be able to easily target hackers in the U.S. or Europe, even as they are vulnerable to attacks and exposure online from those people.
Hackers walk the line between transparency and vigilantism. In exposing the names of people who work with criminal organizations, hackers aren't simply creating transparency. They are also giving targets to other cartels to kill. Some people have asked whether Anonymous wants to become a part of the violence in this manner. Three points on this: First, as mentioned above, Anonymous isn't unified. Second, though close analysts of Mexico's conflict know how that vigilante situation would play out, not all hackers would realize the consequences of their actions. Third, some hackers, either individuals or those working for other groups, may know the consequences of their actions and willing to carry them out because they feel Zetas collaborators deserve their fate. The motivations of the cyber community aren't going to all be the same on this issue.
This cyber-activist vs. cartel discussion is a secondary issue in both the cyber domain and Mexico's conflict. From the cyber perspective, Mexico faces much bigger threats from viruses, botnets, phishing scams, banking hacks, and espionage by foreign governments and corporations. The fact some cyber activists are targeting the criminal organizations is very interesting, but I would hope Mexico's cybersecurity professionals are spending more time on preparing for and combating threats like Duqu, botnets and corporate espionage than on whether the Zetas are getting hacked. On the conflict side, as anyone who watches Mexico knows, the violence and corruption goes far beyond the killings of a few bloggers or attacks against hackers. Mayors, local police, traditional journalists and illegal migrants, are among the many people targeted by the criminal organizations. Tens of thousands have been killed in recent years. The threat to Mexico is much more offline than online, and the solution must be more about actions on the ground to improve institutions, combat corruption and stop criminal violence than any actions that cyber-activists may take.