AusCERT 2012: Facebook automates human trafficking ops

Blogs and Facebook co-opted into a bloody business.

For today’s Mexican cartel Facebook and an IP address is as invaluable as machine guns and armour-piercing bullets, says Brad Barker, president and founder of US intelligence contractor, HALO corporation.

In Barker’s view, ‘cyberspace’ is the new battleground and social media is the weapon of choice, of course backed by actual weapons, killers, and transport for shifting drugs and humans.

The problem for US law enforcement is that Mexican drug cartels have been quicker than them to embrace social media, such as Facebook but also blogs, for intelligence gathering, Barker told the AusCERT conference in Queensland.

Media and social media is the weapon of “mass effect”, said Barker.

“They’re killing people, they’re using media to get their word out. It’s media that’s the payload,” he said.

Facebook has allowed cartel members to automate intelligence gathering processes that would have taken trained intelligence gatherers years to acquire.

As evidence of his claim, Barker pointed to the La Familia Mexican cartel which recently incorporated Facebook into its ‘mode of operation’ for human trafficking. The cartel would plant a teenager, illegally brought in to the US from Mexico, in an expensive US private school as part of a human trafficking program.

“The kid attends class, gets good grades, joins sports teams, gets popular. They get on Facebook, they Friend everybody. I Like you, I Like you, I Like you,” he said.

What sounds like a convoluted method of intelligence gathering is in fact highly efficient, said Barker.

As the social network built up, La Familia “shot-callers” in Mexico were logging in to the plant’s Facebook page and scouring it for human trafficking targets.

“And they said, bring me her, bring me her and bring me her,” he said, with the kidnapping decision based on visibility, value and vulnerability.

“They’re doing this remotely from a foreign country with agents in the US, and they’re using Facebook to automate the process of target selection.”

Another turning point for Mexican cartels’ use of technology occurred after the confusing standoff between Anonymous and the Zeta cartel over an allegedly kidnapped Mexican blogger who had an affiliation Anonymous.

Anonymous’ threat to expose members of the cartel was met with the response that 10 people would be killed for every person whose details it leaked. The blogger was released but Anonymous backed down and chose to sit on the information they claimed to hold.

“Anonymous, a hacker group - very powerful - basically bailed on Operation Zeta. And now the Zetas ... went up against the most sophisticated hacktivist group in the world and prevailed.”

While not everyone would agree with Barker’s assessment of Anonymous, the Zeta’s triumph “sent a very serious message to law enforcement in the region that these guys are standing virtually uncontested.”

More importantly, the event inspired the Zetas to invest in IT training that would be used to silence Mexican bloggers.

“The Zetas got confident and started to outsource some training for how to do IP trace routing. They learned how to tag, track, locate and eliminate the people that were blogging the cartel’s activities,” said Barker.

“It was chocking off their revenue streams... They had to put an end to it. And how did they do it? The same old way they have been: by killing people in a public way and torturing them and then writing notes to the media in their own blood that this is what happens to you if you blog about the Zetas.”


Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the CSO newsletter!

Error: Please check your email address.

More about CERT Australiaetworkf2Facebook

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts