#NarcoFiles: A leak exposes more than 100 DEA agents

Miami Herald / OCCRP

A leak from the Attorney General’s Office of Colombia has exposed the identities of more than 100 Drug Enforcement Administration (DEA) agents of the United States and other federal security forces, along with those of dozens of their Colombian counterparts and other countries.

The names of at least 90 DEA agents and at least 15 investigators from Homeland Security Investigations (HSI – Department of Homeland Security) were revealed in the leak, which was shared with journalists and which includes a significant amount of emails as well as other types of information.

Although the DEA itself did not suffer any hacking and that The journalists participating in the investigative project will not publish the names or any information that would allow the agents to be identified.the leak demonstrates a surprising lack of security measures by Colombia, a strategic ally of the United States in the war against drug cartels.

Former DEA head: “This is a nightmare, cartels can identify agents and informants”

“This is one of his nightmares because [los carteles]…they can identify agents and informants, especially if you are still in the country,” he said Mike Vigil, former head of international operations at the DEA who participated in the agency’s global expansion. “Any time unauthorized people have the names of an agent or an informant, it is not difficult to locate them.”

A cartel may not want to risk the consequences of murdering a DEA agent, Vigil said, but “For them, informants are easy prey because they are considered traitors.” and they will kill them to send a message to others who are thinking of cooperating.” The leak is the basis of Narcofiles, a global investigative journalism project of OCCRP and 40 other media outlets around the world.

In October 2022, The Colombian Prosecutor’s Office acknowledged in a statement that it had been hacked, but did not specify what information was exposed in the virtual attack. The leak potentially poses a greater threat to Colombia as it includes the names of undercover agents, witnesses and key information on informants. A hacktivist calling herself Guacamaya claimed responsibility.

Guacamaya also announced that he had hacked the Secretariat of National Defense (Sedena), as well as military institutions in Chile, Peru, El Salvador and Colombia, among others – apparently exploiting a vulnerability in the Microsoft Exchange email server, which is used by companies and governments around the world.

In his manifesto, Guacamaya described the Colombian Prosecutor’s Office as “one of the most corrupt organizations in the country” and accused it of servility to the interests of the United States. Once he hacked the prosecutor’s office, Guacamaya shared the five terabytes of information, including some seven million emails, with two groups, who then shared the data with journalists.

Spokespeople for the DEA and the Department of Justice did not respond to multiple emails requesting comment.

Requests for US assistance

The NarcoFiles documents include dozens of requests for assistance from the United States Department of Justice to carry out telephone interceptions, surveillance, arrests and extraditions of suspects wanted for drug trafficking and money laundering.

As they are documents linked to investigations that are or have already been used in court, many of them include the names of the agents who investigated specific cases. Furthermore, in the case of witnesses and/or informants, there is often also their telephone number and other information that could put them in danger. In some documents phone numbers and aliases of suspects are mentioned about which the DEA requests help to track them.

The Colombian documents include numerous personal details of Colombian undercover agents and their relatives, often documenting personal backgrounds. Instead, DEA policy requires that information about informants be kept on special forms that are protected and only accessible under documented circumstances, said Vigil, the former DEA chief of operations.

“If the informant was mentioned in any document, it was always a number,” Vigil said, adding that it was never shared with the host country because “there was always the possibility of a risk.”

En NarcoFiles, OCCRP identified at least 90 DEA members, most of whom work in or with Colombia. Some appear in court cases or public documents, but many of them have no trace on the Internet.

Tom Devine, legal director of the Government Accountability Project, a group that represents whistleblowers in cases against the U.S. federal government, said the identification of DEA personnel “represents a risk that endangers the lives of these agents”. “There is a big difference between rumors and confirmation of a working relationship with the United States Government,” Devine stressed.

James O’Brien / OCCRP

Colombia has received more than $13 billion in U.S. foreign aid since 2000, much of it for the military and in support of anti-narcotics efforts. It is unclear to what extent the DEA has funded and advised its partner on cybersecurity, nor what demands it has placed on the protection of sensitive information.

Colombia ranks 81st out of 182 nations and territories in the 2020 Global Cybersecurity Index, published by the International Telecommunication Union in collaboration with the United Nations. The index weighs a country’s laws, technological capacity, organizational structures and global cooperation.

“The region’s continued tendency to suffer major government cyber crises is compelling evidence that coordinated national and regional efforts must be intensified,” the Council of Foreign Relations think tank advised in an expert blog last March. , citing the Guacamaya hacks.

This article is part of ‘NarcoFiles: the new criminal order’, a transnational journalistic investigation into global organized crime, exploring how it innovates and spreads around the world. The project, led by OCCRP with the support of the Latin American Center for Journalistic Investigation (CLIP), began with a leak of emails from the Attorney General’s Office of Colombia that was shared with media around the world. Journalists examined and corroborated the material along with hundreds of documents, databases and interviews.

Leave a Reply

Your email address will not be published. Required fields are marked *