The global proliferation of internet access has transformed societies, enabling online and financial inclusion in the developing world. But it has also empowered organized crime in Latin America and the Caribbean, international officials warn.
With 43 percent of the world's online community, Latin
America and the Caribbean -- home to some of the world's most dominant criminal
networks -- has become even more vital to transnational crime, said Amado
Philip de Andrés, the representative of the United Nations Office on Drugs and
Crime (UNODC) in Central America and the Caribbean.
De Andrés cited the emergence of the "internet of things" -- a term used to describe the
web-enablement of mobile devices, consumer appliances, vehicles and
infrastructure -- as one trend reshaping how criminal networks operate.
Research firm Gartner projects that the global number of connected devices will
grow from 8.4 billion this year to 20 billion by
2020.
Criminal syndicates in Latin American and the Caribbean are
exploiting the democratization of web access, de Andrés said. User connectivity
has surged by 1,300 percent over the last 10 years. And with falling smartphone prices, the UN expects mobile supply in
the region to reach two billion by 2018.
Crime as a Service
Smartphone proliferation has jumpstarted the regional "crime as a service" economy, an amorphous online
marketplace where criminals can purchase ready-made digital tools or services
that help them carry out sophisticated criminal activities.
De Andrés said crime as a service in Latin America and the
Caribbean has expanded fivefold in the last three and a half years, fomenting a
symbiotic cyber crime ecosystem where diverse criminal markets come together,
with each sector supporting the others.
In addition to making the digital underworld more accessible
to criminals, the growing ubiquity of mobile devices creates more potential
targets from which to steal sensitive data like bank and credit card
information.
Brazil is the regional leader for banking malware infections, where
malicious email campaigns dupe people into clicking corrupt website links that steal their login
and financial data, according to cybersecurity firm Palo Alto Networks.
Fueled by the growing crime as a service economy, the annual
cost of cyber crime in all Latin American and Caribbean nations has grown to
$90 billion a year, according to a 2016 Inter-American Development Bank
cybersecurity report.
De Andrés told InSight Crime that existing crime groups have
begun to take advantage of the crime as a service industry.
"Based on current investigations linking drug
trafficking cartels and transnational organized crime networks, one could
reckon that traditional organized crime groups are beginning to use the
service-based cyber crime market and are therefore buying access to technical
skills," he said.
In some cases, drug cartels have even physically abducted or
recruited cyber crime talent. For example, Mexico's Zetas and Gulf Cartel crime
groups have both been accused of the 2013 kidnapping of telecommunications engineer
Felipe Peréz. Rumors persist that Peréz was forced into a "shadow hacker
brigade" to build one of the cartels' hidden radio networks.
And in 2016, now-captured Sinaloa Cartel capo
Dámaso López Núñez reportedly enlisted a hacker to wage a social media propaganda
campaign against the "Chapitos" -- the sons of extradited kingpin
Joaquín "El
Chapo" Guzmán -- as he battled the kingpin's children for control of
the organization.
The expansion of the internet of things in Latin America
adds to concerns about the crime as a service industry not only because these
devices often contain weakly-protected personal information, but also due to
the fact that all connected devices can be coerced into botnets, vast networks
of infected computers that hackers use to conduct distributed denial of service
(DDoS) attacks, which can shut down websites and online industrial control
systems by overloading them with traffic. In fact, a 2015 report by communications firm Level 3 Communications
found that Latin America accounted for 12 percent of the world's DDoS events.
Furthermore, DDoS attacks and other breaches can have a
direct impact on drug interdiction efforts. US law enforcement agencies have
reported Mexican drug trafficking organizations hacking their border
surveillance drones, and "spoofing" them with misleading GPS coordinates.
The Dark Web
But overwhelmingly, it is the dark web, a collection of thousands of websites that can
only be accessed with special browser software, which has become the nexus for
the global crime as a service market.
Using Amazon-like sites on the dark web like the
now-shuttered Silk Road, AlphaBay and Playpen, criminals, hackers, rogue nation-state actors,
terrorists and child pornographers are forming increasingly interconnected
networks and furthering what some have called "deviant
globalization."
In Latin America and the Caribbean, de Andrés said, cartels
are exploring the dark web to locate buyers for large-scale cocaine shipments,
while Central American gangs have used these sites to advertise their willingness to help with cross-border
trafficking. Other regional drug traffickers reportedly use underground web
forums to source synthetic opioids from Asia.
But dark web commodities reach far beyond narcotics. For
instance, the international child pornography investigation that led to the
closure of Playpen netted arrests in Chile and Peru. And Mexico has become a world "leader" in this illegal industry, with some major
international investigations exposing the dark web's role in the furtherance of these
crimes.
Invisible Transactions
De Andrés said the dark web enables criminals to exploit
three legitimate features of the modern internet: anonymization, encryption and
virtual currencies. The latter has revolutionized money laundering and
made cyber-enabled financial crime a top enforcement priority for investigators.
Organized crime groups are now using centralized virtual currencies like WebMoney and Perfect Money or
decentralized cryptocurrencies like bitcoin to better cover their financial footprints.
Latin America and the Caribbean was home to the first major
international virtual currency laundering scandal: the US government's takedown
of underworld cyber banking system Liberty Reserve in 2013. Before its closure,
authorities said the service laundered $6 billion worth of illicit transactions
tied to drug trafficking, investment fraud, credit card fraud, data theft and
child pornography.
To further confound law enforcement, Latin American criminal
organizations are employing "money-mule" networks, which structure
virtual and conventional transactions into smaller and more innocuous-looking
sums. De Andrés said each mule receives a commission of between 3 and 5 percent
per transaction.
Crime syndicates are also using legitimate online shopping
sites, where legal goods and services are sold, as well as mobile internet payment systems like Remitly,
Transferwise and Xoom to structure payments.
In Latin America, where market research firm Forrester projects e-commerce sales to reach $42 billion by
2021, de Andrés said that crime groups are often laundering dirty money through
fictitious airline and hotel websites in so-called transaction laundering schemes. De Andrés also said he
expects the dark web retail economy to grow parallel to legitimate e-commerce
over the next seven to ten years.
Dovetailing with increased e-commerce transactions in the
region is the inevitable rise of payment fraud, through "card not
present" transactions, where criminals use stolen payment card information
to obtain goods online, as well as chargeback schemes, which entail fraudulent
disputes over purchases. These schemes are generating billions in losses for online merchants and card
issuers, according to a 2016 study by credit card trade publication The Nilson
Report.
De Andrés said that 60 percent of all payment fraud in
Central America and the Caribbean is due to card not present transactions. And
according to market analytics firm Juniper Research, Brazil and Mexico, two of Latin America's most
significant economies, had the highest 2016 chargeback fraud rates in the world
at 3.5 percent and 2.75 percent, respectively.
Terrorist Influence?
In addition to the above-mentioned issues, de Andrés put
particular emphasis on links between South American criminal networks and
Islamic terrorist organizations.
Although concerns about Islamic terrorism in Latin America
have often been overinflated for political reasons, the
dark web offers an easy path for terror groups to launch attacks in a part of
the world where they have traditionally had little physical presence. Citing
online recruitment of would-be fighters in Trinidad and
Tobago by the Islamic State, de Andrés envisions potential threats involving
terrorists urging followers in Latin America and the Caribbean to launch
attacks against critical infrastructure with military grade cyber exploits sold
on the dark web.
De Andrés also pointed to the use of the dark web to
coordinate transatlantic drug exports, which he said are shipped through the
Central American and Caribbean corridors to reach West Africa. From West
Africa, terrorist groups like Boko Haram transport South American drugs through
the Sahara and into Europe, using the proceeds to fund terrorist activities.
Additionally, transnational money laundering has
at times brought crime groups into contact with terrorist organizations. For
example, US prosecutors alleged that a suspected operative for the Lebanese
militant group Hezbollah used encrypted communications to coordinate money laundering activities for Colombia's Oficina de
Envigado crime group.
Addressing the Threats
To address the rising cyber threat environment, the UNODC
recommends a four-point approach rooted in "prevention, partnerships,
protection and investigation."
The first step in this strategy is for regional governments
to raise awareness and invest in resources to properly train cyber crime
investigators. De Andrés cited the UNODC's initiative to train police in El Salvador on
investigating cyber crime as one good model for a preventative strategy.
Secondly, de Andrés highlighted the need for greater
coordination between Latin American governments and other nations, in order to
promote better intelligence sharing and the "harmonization of
legislation." The latter specifically entails the drafting of multilateral
mutual assistance agreements and extradition treaties that enable more effective enforcement regimes for prosecuting
cyber crime. He also advises partner governments in Latin America and the
Caribbean to create regional cyber crime centers that act as continental hubs
for intelligence sharing.
Thirdly, de Andrés said regional governments need to draft
domestic laws that more accurately reflect evolving cyber crime typologies and
their intersection with transnational organized crime. A sound protective
strategy also requires investing in better network security resources and
exploring new avenues to protect internet of things devices and critical
infrastructure like oil pipelines, power plants and water treatment facilities.
The latter is imperative as a 2015 report authored by German information
security firm Trend Micro and the Organization for American States, a regional
non-government entity, found that only 21 percent of organizations participate in dialogue
with governments about the cyber resilience of their critical infrastructures.
Finally, de Andrés called for an intelligence-based
approach, highlighting the work of the Central American and Caribbean Council
of Public Prosecutors, which brings together skilled organized crime
prosecutors with those experienced in cyber crime investigations to collaborate
across jurisdictions.