Drug Trafficking Logistics, Cyberwar & Missiles Down Smokestacks

Posted on 31 May 2011 by


We’ve been talking about Cyber quite a bit, and were giving it a rest, but this has been an extraordinary week at the start of what promises to be an extraordinary year, so we hope you’ll bear with us.

I started out looking at some new trend information out of the Drug Enforcement Agency, whose Assistant Director and Chief of Operations Thomas M Harrigan recently testified before the Senate caucus on international narcotics control.

The testimony is very well done, and Harrigan makes some very good arguments which are of use when speaking with anyone of the, ‘Hey, man, drugs don’t hurt anyone’ ilk:

More than 38,000 Americans – or approximately 12 times the number of people killed by terrorists on September 11, 2001 – died in 2007 as a direct result of the use of illicit drugs. Approximately seven million people meet the classification for drug dependence or abuse [and] squander their productive potential. Many of these addicts neglect or even abuse their children and/or commit a variety of crimes under the influence of, or in an attempt to obtain, illicit drugs.

Okay, even if it’s a little fast-and-loose with the statistics, overall it’s a good and defensible argument. The reason I was so interested in the testimony in the first place was that it describes some of the trends this year in drug smuggling. So seeing what the DEA says about the logistics of moving drugs across the world is something I look forward to.

Here’s a couple of nice statements – not too difficult to suss out without Senate testimony but nice to see in black and white:

  • Panama, Honduras, and Guatemala remain the most utilized transshipment and consolidation points for South American cocaine before subsequent shipment to Mexico and the United States.
  • Increasingly, precursor chemicals necessary for the manufacture of methamphetamine are being trafficked through Central America.
  • South American heroin is also trafficked via the same methods as cocaine.
  • Due to a lack of reliable overland routes between Colombia and Panama, cocaine tends to arrive in Panama via maritime vessels.
  • Corruption is a significant problem with both law enforcement and the owners and operators of ports.
  • Almost universally, Central American port authorities lack the ability to handle the vetting of the high volume of cargo in their ports.
  • There is presently little capacity, other than an ongoing Container Security Initiative (CSI) program in Panama, to properly screen the volume of cargo that transits Central American ports.
  • Recently, Guatemala has become an increasingly important staging and consolidation point for cocaine before it is brought across the border into Mexico.

Just around the time I was typing this up, something else caught my eye, and it was Dave Aitel writing in The Daily Dave. He is talking about the recent unpleasantness at Lockheed Martin and several other U.S. military contractors. As I wrote this, PBS was still reeling and trying to recover from multiple attacks on its webservers – which at one point resulted in a false news story being placed on its website, and later, hackers defaced a page on which PBS sought to explain the hack to its readers.

So Aitel is writing about the concept of cyber war (a frequent theme on his list) and that of a “weapon of mass disruption”:

So what is a weapon of mass disruption? I would say one feature of Cyber is that it DIRECTLY attacks things that can only be indirectly attacked by other measures.

These Cyber weapons of mass disruption have been under professional development for some time, and it seems it’s just about time to let the dogs out. We might not have seen it yet, but that’s because we may not have been looking, or known where to look or what to look for. Let’s start here: law enforcement agencies and officers must start to look from the 100,000-foot vantage point at cybercrime and Cyber attacks, instead of from the ground.

One can liken the difficulty of the fight against Cyber crime to the difficulty (though not, of course, by any means the danger) of the DEA’s battle against drugs because we’re dealing with similar profits, on a similarly large scale, and the issue is about as intensely and impossibly complex.

It’s safe to say that drug trafficking organizations – organized drug gangs – have the ability to wreak havoc on society. With 83 offices in 63 countries, the DEA has the largest overseas law enforcement presence of any US agency. In Fiscal Year 2010, the DEA’s Operation All-Inclusive (OAI) – which comprises land, air, sea, and financial attacks with synchronized interagency counterdrug operations – resulted in the seizures of 70 metric tons of cocaine, 442 kilograms of heroin, 101 metric tons of marijuana, 538 kilograms of methamphetamine, 281,655 kilograms of precursor chemicals, $40 million in currency and assets, 199 weapons, and led to the arrests of 1,198 individuals. That’s just one (albeit one big) operation.

It is similarly safe to say that criminal gangs with offensive Cyber capabilities have the ability to cause societal disruption on a massive scale, but there’s no Cyber-OAI yet.

We need one.

Leaving out the drama and black-helicopter narratives of who would attack a vendor of authentication technology, and then use information gained in that attack to launch a sophisticated attack against defense contractors who use those authentication technologies (and this statement takes a flying and unsupported logical leap and assumes the link), the past year has seen hints of what can easily become massive disruption on a societal scale.

Consider for a moment the recent attacks against Sony. One would be hard-pressed to consider the Sony Playstation Network a critical infrastructure component, but when its network gets hacked, it loses hundreds of millions of dollars, exposes more than 70 million customer credit cards, and its troubles are just beginning. Is that serious? You betchya.

It’s always interesting to hear Cyber-warfare theorists debating when things will “go kinetic” (basically meaning a physical response to a logical attack) when hundreds of millions of dollars a year are lost to cyber-crime, credit- and debit-card fraud, all abetted or committed with computers.

That’s pretty forkin’ kinetic already if you ask me. But let’s not: let’s listen to the UK Government, which recently estimated that cyber crime is costing the UK £27bn ($44.47bn) annually.

Or let’s listen to the Pentagon, which as the Wall Street Journal reports today, believes that Cyber Combat is an Act of War.

The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force.

The Pentagon’s first formal cyber strategy, unclassified portions of which are expected to become public next month, represents an early attempt to grapple with a changing world in which a hacker could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country’s military.

In part, the Pentagon intends its plan as a warning to potential adversaries of the consequences of attacking the U.S. in this way. “If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” said a military official.

All this is why it was great to read Dave’s piece, which puts these issues into better perspective:

Obama’s campaign got hacked in 2008. Palin’s mailspools leaked in 2008. No one seemed to care about either other than for the lulz. I don’t think 2012 will be the same thing. You’re going to start seeing major, game changing impact from these events on all sides of the fence, and at all levels of political activity.

I’m intentionally leaving out of this article talk of things like Stuxnet, frankly because it’s the end of a holiday weekend and I don’t want to ruin your week.

But if you’re not reading up on this stuff, it’ll sneak up on you.