Today, we exist in the information technology renaissance. Desktop computers, as well as mobile devices, such as laptops, smart phones, and tablets that are connected wirelessly, have easy access to corporate networks and information in the cloud. All of this connectivity has made today’s business environment incredibly efficient. But the other, rather sharp, edge of this double-edged sword is the fact that nefarious groups and “lone wolf” individuals have the same access to this technology, which they can use to further their agenda. Consider the coordinated attacks on the Intercontinental Hotel in Mumbai, India. This was the most sophisticated coordinated attack in India’s history and a detailed postmortem analysis showed that these individuals planned, drilled, and perpetrated these attacks in a measurable way, aided by cyber tools.
They used Google Earth to automate the process of target selection, and they were able to pull open-source diagrams of the Intercontinental Hotel to coordinate ingress and egress routes. They applied geospatial imaging concepts to plan the attack and escape, and they used Skype for encrypted secure communications that provided a very low risk of being discovered.
Notably, all of the perpetrators were very young. As young people, they were comfortable with the technology, including geospatial imaging and encrypted communications, which had historically only been available to members of the military, law enforcement, and intelligence communities.
Another example of how criminals are using technology is the use of social media by the Mexican cartels. For today’s cartel, cyberspace is the new battleground, and a Facebook page and IP address are the weapons of choice. These organized crime syndicates have been quick to embrace social media and blogs for intelligence gathering, thereby reducing a process that would have taken years to just days or weeks. Specifically, cartel members are using Facebook for target selection in human trafficking operations, scouring pages for readily available information to help them determine an individual’s value, visibility, and ultimately, vulnerability.
To understand how Facebook is used for target selection, we must first understand that Facebook is a large database of personal information that is posted for public view by the end user. It is also free and available to anyone with an e-mail address. In light of that, all a cartel member has to do to gain access to this extensive database is have an e-mail address and create a Facebook account.
The first step in identifying a target is surveillance. Typically, a victim will pique a cartel member’s interest because he or she is a high-net-worth individual or very visible in the community. Cartels know they can leverage that visibility to their advantage—be it financial or political gain.