Cyber Threat Actor: Tijuana Cartel

The Tijuana Cartel, also known by its alias, is a criminal organization based in Mexico that has extended its operations into the cyber domain to support its illicit drug trafficking activities. The group is primarily identified as a drug cartel rather than a state‑sponsored actor, and its involvement in cyber incidents has been documented by U.S. law‑enforcement agencies. Its known location in Mexico situates it near the United States border, which is the focal point of the cyber‑enabled actions attributed to it.

The cartel’s targeting has been observed against unmanned air vehicles operated by the U.S. Customs and Border Protection agency along the U.S.–Mexican border. By interfering with these drones, the group aims to create gaps in aerial surveillance that allow smugglers to move people and narcotics across the border without detection. The strategic objective is therefore facilitation of illegal crossings rather than espionage, financial gain through data theft, or disruption for its own sake; the cyber activity serves as a tactical enabler for the cartel’s core smuggling enterprise.

The reported tactics involve GPS spoofing, wherein the cartel transmits false GPS signals to the drones’ receivers, causing the aircraft to deviate from their programmed patrol routes. This is achieved using ground‑based jamming and spoofing devices that mimic legitimate satellite data, prompting the drones to follow erroneous coordinates until they exhaust fuel or the spoofing is halted. No malware families, exploit kits, or traditional hacking tools are mentioned in the source material; the tooling style is limited to radio‑frequency equipment designed for GPS manipulation. Attribution to a state sponsor is absent, with the activity openly attributed to criminal traffickers acting independently. The most notable publicly reported operation occurred in 2016, when the Department of Homeland Security and Customs and Border Protection disclosed that drug traffickers had successfully hacked border patrol drones using this technique, prompting discussions about the need for anti‑spoofing hardware in law‑enforcement UAVs.