DEA Congressional Testimony
September 11, 1997

DEA Congressional Testimony

Statement by:
Anthony R. Bocchichio
Assistant Administrator for Operational Support

Before the:
The House Judiciary Committee, Subcommittee on Crime

Regarding:
Clone Phones

Date:
September 11, 1997

Note: This document may not reflect changes made in actual delivery.

Contents

I. International Organized Crime Today and Yesterday

II. Organized Crime’s Surrogates in the United States

III. THE TECHNOLOGY OF CLONED CELLULAR PHONES

IV. THE PROBLEMS POSED TO LAW ENFORCEMENT BY CLONED CELLULAR PHONES

V. CONCLUSION

 

Chairman McCollum, Members of the Subcommittee: Thank you for the opportunity to submit my comments for the record on the issue of cloned cellular telephones and their use by the organized international criminal groups that control drug trafficking in our hemisphere. Cloned cellular phones are made by criminals who illegally monitor legitimate cell phone communications, record the identification numbers from these calls, and program them into their own phones, thus making a "clone" of the legitimate phone. The criminals can then use these phones in furtherance of their crimes, with the bill going to the legitimate customer -- at least temporarily before the fraud is detected. Before discussing clone phones and the challenge they pose to law enforcement, specifically, it is important to discuss several lessons we have learned over the past several years while investigating international criminal groups -- lessons which are shaping our current approach to drug law enforcement at home and overseas.

I would like to provide you and the Members of the Subcommittee with a picture of how today’s international organized crime syndicates operate and how they use a sophisticated command and control system to run their drug trafficking organizations within the United States, to distribute the poison they bring into our country. I would like to set the stage with the evolution of drug traffickers’ use of technological advances in the past and how we see them using technology now.

 

I. International Organized Crime Today and Yesterday

Powerful international drug syndicates operate around the world, supplying drugs to American communities, employing thousands of individuals to transport and distribute drugs. The most significant international drug syndicates operating today are far more powerful and violent than any organized criminal groups that we have experienced in American law enforcement. Frequently, these trafficking groups are referred to as "cartels" or "federations" -- titles that make these organizations sound like businessmen but that do not capture the true nature of their criminal activities.

Today’s major international organized crime drug syndicates are simply the 1990's versions of traditional organized crime mobsters U.S. law enforcement officials have fought since the beginning of this century.

Traditional organized crime leaders operating in places like New York, Chicago or Las Vegas called their business shots on American soil; major traffickers from Colombia and Mexico make decisions from the safety of their headquarters in Cali or Guadalajara. After several decades, law enforcement officers in the U.S. were eventually able to identify, target, arrest, and prosecute mob bosses. Experience has demonstrated that the most effective strategy against organized crime is to direct investigative assets at the leadership of the organized crime syndicates.

There are, however, several key differences between these groups and their one-time domestic counterparts. Members of international groups headquartered in Colombia and Mexico have at their disposal sophisticated technology -- encrypted phones, faxes, and other communications equipment as well as cloned cellular telephones. Additionally, they have in their arsenal aircraft, radar, weapons and an army of workers who oversee the drug business from its raw beginnings in South American jungles to the urban areas within the United States. All of this modern technology and these vast resources enable the leaders of international criminal groups to build organizations which reach into the heartland of America, while they themselves remain beyond the reach of American justice.

During the time the Colombian National Police were engaged in their campaign to bring down the Medellin Crime Syndicate, a group of young criminals in Cali, Colombia, led by Miguel Rodrigues Orejuela, his brother Gilberto, and Jose Santa Cruz-Londono were building what was to become the most prolific and successful criminal enterprise in history. Orejuela created an enormous monolithic organization that orchestrated the manufacture of hundreds of tons of cocaine in Colombia, which were moved through the Caribbean and later Mexico, to U.S. markets. However, they were far wealthier, far more dangerous, far more influential, and had a much more devastating impact on the day-to-day lives of the citizens of our country than either their domestic predecessors or the crime families from Medellin.

The Cali bosses were pioneers in using technology to further their goals. They were sophisticated, high tech and proficient in the use of cell phones, pagers, faxes and other conveniences. The cell structure of the monolithic Cali mafia necessitated a complex system of communications to enable the organization’s leaders to know in a moment where every kilo of cocaine was located, how much profit was being made, and where and when deliveries would take place. By using cell phones and pagers, the Cali leaders communicated with different segments of the organization, and provided only pieces of information to each segment, reducing the vulnerability of individuals and the entire organization. Today, a top manager from a Colombian trafficking organization may be as "wired" as any business executive in Silicon Valley. He may use dozens of cell phones, often phones that have been cloned, each day to avoid tracing, keep records in encrypted files in a networked data base, and coordinate his organization by using networked computers.

In the early 1990s, the Colombians turned to the less sophisticated and structured Mexican trafficking groups to move their products to growing American drug markets through Mexico and across the U.S. border. These Mexican groups’ entrance into the cocaine trade in the United States and their subsequent ascension to power has garnered them enormous wealth and a demonstrative expansion in their spheres of influence. The organized criminal groups from Mexico now control virtually all cocaine sold in the Western half of the United States and, for the first time, we are seeing a concerted effort on their part to expand into the lucrative East Coast market.

As complex as these communications arrangements of these criminal groups were, U.S. law enforcement agencies have been able to exploit their communications by using court approved telephone intercepts. With the top leadership of these organizations in hiding beyond the reach of U.S. law enforcement, we directed our resources at their organizational structure, and their transportation and distribution elements in the United States.

Technology has advanced rapidly and the traffickers have more than kept up. As long as there is technology, the world’s most powerful drug traffickers will find ways to conduct their business, even from jail. Recently the Colombian National Police (CNP) learned that Miguel and Gilberto Rodriguez Orejuela were conducting business over cell phones, the Internet and faxes from their prison cells. (The CNP raided offices of private telecommunications switching centers in Bogota where the jailed leaders had bribed a clerk to patch their calls to anywhere in the world).

 

II. Organized Crime’s Surrogates in the United States

The international drug trafficking syndicates cannot operate effectively without an infrastructure in the United States composed of high level managers, transporters, accountants, communications experts, storage experts and enforcers. The Colombian traffickers, and to a large extent, the traffickers from Mexico have established bases of operations in major U.S. cities, and rely on an intricate network of cells, similar to international terrorist organizations in the way they are insulated from each other. Cell managers maintain close communication with syndicate leaders in Colombia and Mexico, and are in some sense, the "foreign service" of these drug organizations, representing the syndicate’s interests abroad.

These surrogates who control operations throughout the U.S. engage in complicated efforts to avoid having their telephone communications vulnerable to legal wiretaps. They buy legitimate and cloned cell phones in lots of 10-20, which are used for a few weeks or even days and then quickly discarded and replaced in order to evade wiretaps by moving from phone to phone more quickly than law enforcement could keep up. Pagers are used to communicate locations through codes, not phone numbers, which could be incriminating. Pay phones are frequently used instead of their private line phones which are likely to be tapped. The sight of a drug trafficker stuffing rolls of quarters into pay phones during long distance calls to Colombia is common. Sophisticated codeword systems were developed to communicate times and locations for drug deliveries and money pickups, as well as key telephone numbers which could be used for incoming calls. We are able to exploit all these communications to some degree by using court approved wiretap intercepts.

 

 III. THE TECHNOLOGY OF CLONED CELLULAR PHONES

Today’s international drug trafficking organizations are the wealthiest, most powerful, and most ruthless organized crime organizations we have ever faced. We know from our investigations that they utilize their virtually unlimited wealth to purchase the most sophisticated electronic equipment available on the market to facilitate their illegal activities. We have begun to see that this includes widespread use of cloned cellular telephones. Aside from the crimes which may be committed once the phones are cloned, fraud from cloning is estimated to cost the cellular industry more than $1 million every day. Costs are expected to rise by 40% per year unless effective countermeasures are taken. Not only are the customers whose phones are cloned inconvenienced, but every customer is hurt as companies raise rates to cover losses to fraud.

Cloning cellular phones, also known as cellular-phone piracy, is accomplished by staking out high-traffic areas, such as airports, bridges, tunnels or office complexes, and using electronic scanners to record the cell phone identification numbers, as citizens in the area make legitimate calls with their phones. Technically, these numbers are the cellular phone number, or mobile identification number (MIN), and the electronic serial number (ESN). These identification numbers are then programmed, or "cloned," using commercially available software, on another telephone instrument. This process, although seemingly complex, actually takes only about a minute for the technically skilled criminal to accomplish.

Legally, this procedure is a variety of counterfeit fraud. Any calls made with that phone are billed to, and traced to, the original, legitimate phone account. Innocent citizens end up with huge, unexplained monthly phone bills. A related form of counterfeit fraud is the use of "tumbler phones," in which the criminals switch the MIN and ESN combinations in their phones at will. These MIN and ESN combinations may enable the cell phone to penetrate some switching systems, giving the criminals free cell phone service, but without the theft from legitimate customers. Because of the continuously changing MIN and ESN numbers, law enforcement will not likely be able to trace tumbler phones.

The newest and most insidious form of cell phone counterfeit is the "Tumbler-Clone." This method shifts through the numerous legitimate MIN and ESN pairs, which have been previously pirated, programed into the phone, using a different pair at each call. At the switch, it will appear that a different legitimate phone makes each call. This method has not yet been a proven success, and is not yet widespread.

A cell phone theft method similar to counterfeit fraud is subscription fraud. This method requires someone on the inside of a telecommunications carrier unknowingly or willingly allowing a customer to present false or altered identification and receive activated cellular service. The fraudulent customer then enjoys free cell service, at least until the carrier terminates service for non-payment.

Once the cloned phone is in use by the criminals, the time until the clone is detected by the carrier or by the customer can vary. The carriers have programmed their systems to recognize high volume calls to key cities, international calls, or excessive calling patterns, tipping them off to a potential fraud in process. The systems can also recognize the legitimate phone apparently operating in two geographical parts of the system at the same time, a physical impossibility indicating the presence of a clone phone in operation. Otherwise, the first warning may be when a customer receives a huge phone bill, and complains to the carrier. The carrier can shut off the clone phone instantly, and customers can have the fraudulent bills credited by the carrier. The carrier, however, has already incurred the cost.

Once the cell phone pirates have done their work, through whichever method, other criminal groups will buy these stolen cell phone accounts in bulk from the individuals or organizations doing the cloning. This process is so simple that traffickers can communicate using a stock of "throw-away" phones, which are sometimes disposed of after just one call in an effort to stay even further ahead of law enforcement efforts to trace them. Put another way, traffickers rotating phones in this manner basically thwart efforts at intercepting their phone conversations. Not being able to intercept the command and control communications of a trafficking frustrates one of our most valuable investigative tools.

We have seen these criminals use cloned cell phones widely throughout their trafficking organizations and as part of their compartmentalization in international trafficking of drugs. These phones are used to issue orders between the leaders of transportation and distribution cells regarding the movement of thousands of tons of cocaine from Colombia and Mexico on the streets of the United States. Clone phones are more widely used by criminals in the next layer down in the cocaine and other drug trafficking organizations in the United States, to communicate between themselves.

Starting in the early 1990s, DEA wire intercept cases began to encounter widespread use of cloned cellular phones by major trafficking organizations, especially Colombian traffickers. The Aldemar Barona organization, a Colombian group responsible for distributing over 1,200 kilograms of cocaine per month relied heavily on clone phones to coordinate its operations. Ferni Bravo, the New York cell manager, and his workers used cloned cellular phones to conduct their day-to-day business and to avoid interception. Bravo always used cloned cell phones to communicate with Barona in Colombia, to receive information on arriving shipments of cocaine and directions on returning drug proceeds to Colombia. During this investigation, Bravo changed cloned phones every week or two, making it extremely difficult to identify his new phones in order to obtain a Title III warrant before he moved on to the next phone.

In the period from 1993 to 1995, the problem of cell phone cloning in New York was at its peak. During this time, two U.S. Secret Service agents were detailed to DEA’s New York Division to work cases jointly, so as to more efficiently direct law enforcement resources against the problem. The increased use of cloned cell phones continued throughout 1995, when the Colombians switched to other means of communications, which I will detail below.

During this same time, several major investigations exposed law enforcement’s ability to intercept cloned phones, making them a less than perfect means of avoiding detection and interception. The more sophisticated trafficking groups adopted new and more complicated telecommunications technologies which became available in the mid-1990s. Law enforcement investigations of cell phones used for criminal purposes, in addition to telephone company efforts at fraud management, have decreased the use of cloned phones by sophisticated trafficker organizations. Recent technologies such as authentification, radio frequency fingerprinting, and the development of the digital Personal Communications System (PCS), as an attractive alternative, have decreased the opportunities for cloning. Many American citizens are still vulnerable to cell phone piracy, however, -- over three million customers still own phones that can be cloned. Some of the new communications technologies, which the sophisticated traffickers adopted, include the following:

Phone arcades or Phone Banks: These are essentially a storefront business with a dozen or so small phone booths. A customer pays the store clerk, in cash, for the calls made -- based on duration and destination. Although Title III investigations have been conducted against this activity, the very nature of the operation -- in which the caller remains anonymously behind a cash transaction with the clerk -- has meant that the investigations have not produced significant results.

Pre-paid Cellular Phones: These so called "Can Call" phones can be purchased in vending machines or from distributors, each one already supplied with a pre-paid amount of calling time. Use of this method makes such calls extremely difficult to trace, as the calls take place after payment is made.

Pre-paid Calling Cards: These cards can be purchased from vending machines, in convenience stores, or even through cereal box promotions or through airline magazines. The cards can then be used by traffickers to place calls that, because of their volume and easy accessability, are extremely difficult for law enforcement to trace.

Digital Cellular Phones: Because these phones employ transmissions of a string of digits, rather than an analog voice signal, requiring digital equipment to receive or intercept, these phone provide a significant measure of privacy to the caller. They are the most secure form of communications available on the open market, especially when coupled with encryption devices. These digital phones are less likely to be cloned than older, analog phones. Until the networks become fully digital, the "network handshake" that sets up a call from a digital phone to an analog phone will still be conducted in analog mode. This portion of the transmission may still be cloned.

Today, in 1997, cloned phones are being widely used by surrogate groups who distribute cocaine, heroin, and methamphetamine for the powerful organized crime groups from Colombia and Mexico. Such groups include Dominican groups, African-American and Puerto Rican street gangs. Nigerian traffickers, who distribute wholesale heroin from Southeast Asia throughout the U.S., have also demonstrated a proclivity for cloned phones.

DEA Divisions across the country have had several investigations in the recent past in which we encountered the use of cloned cellular phones -- showing how wide spread this problem is. These traffickers are able, when using cloned phones to avoid tracing or interception, to pass orders on movements, places and times of delivery, and mode of transportation for cocaine, heroin, and methamphetamine. The traffickers have a reasonable certainty that U.S. law enforcement will temporarily not be able to intercept their communications while we catch up with their rapid shifting of phones.

In Philadelphia in 1996, the Javier Usman organization used cloned phones to avoid detection by law enforcement in conducting his operations that sold 8 - 12 kilograms of cocaine a week on the streets of Philadelphia. The cocaine was supplied by a group in Cali, Colombia. The Usman organization used threats and intimidation to protect their territory. The Title III investigation on the cloned phone led to seizure of 10 kilograms of cocaine.

The Newark Division had the Brian Thomas Elliot case in 1996, where the violator had a cloning apparatus and used four different cloned phones during the investigation. In the Glenn Walker case in 1994, DEA and Secret Service investigators conducted Title III intercepts on three cloned cell phones used by the violators, who hired another individual to do the cloning for them. The traffickers threw away the first phone before the intercept was initiated. The telephone company kept the next two phones in service for more than a month, longer than the usual turnover time, enabling the investigators the time needed to build the case. The investigation ended with 30 arrests, and seizure of a kilogram of cocaine and several handguns. DEA seized 20 cloned cell phones and a hundred cloned beepers, along with the cloning equipment, from the cloning technician.

A Baltimore investigation in 1995 involved kilogram quantities of Heroin being brought into New York by Colombian nationals, and distributed in the Baltimore, Maryland area. The Colombians, the middlemen in New York, and the Baltimore distributor used cloned cell phones, The distributor routinely switched phones every few weeks, making it very difficult to identify the new number and maintain the Title III intercepts. Documenting the probable cause to show that the new phone would be used for drug operations was an intensive effort.

In the Chicago Division in 1997, the Minneapolis office encountered a methamphetamine distribution organization, connected to sources in Mexico, using clone phones to manage its operations in the St. Paul area. More than 30 pounds of methamphetamine a month was being transported, through California, to St. Paul, where it was distributed by Mexican-American gangs. The distributors used cell phones cloned from phones belonging to a large business in the area, rather than from private individuals. The business was billed for all its cell phones on one statement, and did not notice the increased volume of calls on a few of its phones. The traffickers, therefore, continued to use each phone for a month or more, longer than the usual turnaround time, enabling DEA to keep a Title III intercept in place long enough to make a case leading to seizure of 20 pounds of methamphetamine.

Also in the Chicago Division, another case in 1995 involved a criminal group in the Chicago area distributing small amounts of Heroin and kilogram amounts of Coke from sources of supply in Colombia. The distributors used clone phones for all their communications, both coordinating their drug operations and their personal conversations as well. In fact, some of the members of the group did not even own legitimate phones. The group also used cloned cell phones to communicate with the sources in Colombia. The cell phones were cloned by a violator working with the trafficking group, who guaranteed that the clone phones bought from him would be good for a minimum period of service before being detected and shut off by the carrier, or he would issue another cloned cell phone with the same guarantee.

 

IV. THE PROBLEMS POSED TO LAW ENFORCEMENT BY CLONED CELLULAR PHONES

Like other technologies, the development of cellular telephone communications in the 1980s threatened to out pace law enforcement’s ability to adjust to the changing environment. Law Enforcement met the technical challenge, and continues to meet it through CALEA and related efforts to keep pace with digital telephony. Cell phone piracy shows that criminals have taken the next logical step in technology. They can communicate with each other with flexibility, as they have long done, but now they can do so more anonymously and can remain better insulated from detection. Provided the turnover rate, at which they move to a new phone and discard an old one, is less than 2-3 weeks, they can beat the average amount of time it generally takes to obtain a court ordered intercept warrant. By the time investigators identify a violator using a cloned phone and follow the traditional path to a Title III intercept, the violator has moved on to the next cloned phone -- thus staying a step ahead of the law.

We have seen the organized criminal groups from Mexico use cell phones, as well as other sophisticated technology, to communicate with the surrogates they employ in the United States. If these criminal drug gangs have unfettered access cloned cellular communications, with which we in law enforcement cannot keep pace, then they will be able to do more than issue orders for transporting drugs which we cannot easily foil. We have seen violence erupt on both sides of the U.S.-Mexico border in recent years. With presumably private conversations, the traffickers will be able to issue with impunity "death warrants" for U.S. law enforcement officers, for witnesses, or for innocent civilians. They will be able to continue their reign of drug terror in the United States -- a very immediate, bloody threat to the national security in addition to the threat from the drugs they sell.

In addition to the potential for violence, cloning cell phones poses a strategic problem for DEA in its focus on the communications of command and control functions of international drug trafficking organizations. We rely on the intelligence gathered from Title III intercepts of their communications to build a picture of the organizations, identify the individual members, and obtain evidence enabling us to make arrests and take apart whole sections of the criminal organizations at a time -- as we did recently in Operations Limelight and Reciprocity. These investigations have clearly demonstrated the value of this approach. To the extent that the communications of these groups are placed beyond our reach by cloned cellular phones, and other technological advances, such as encryption and digital telephony, which change at a rate with which we cannot keep up, we will be severely hindered in our ability to make cases against the leadership and U.S.-based infrastructure of these powerful organizations which control the drug trade in our hemisphere.

Finally, the use of cloning and other advanced technology degrades DEA’s ability to gather key tactical intelligence needed by the interdiction agencies. Given the volume of commercial traffic across the U.S. borders and at U.S. ports of entry, and the sophistication employed by these organized criminal syndicates to smuggle drugs into our country, interdiction is dependent on the intelligence we provide in order to remain effective.

 

 V. CONCLUSION

It would be an historic mistake not to stem the growing tide of cell phone piracy. The drug traffickers operating on a global scale today already have at their disposal technology, transportation capabilities and communications equipment which are the envy of many U.S. corporations. Law enforcement capabilities must match the capabilities of major traffickers. However, with rapid changes in technology, such as cellular communications systems, and encrypted equipment, and with assistance from U.S. manufacturers, law enforcement is facing a difficult situation which, unless quickly addressed, will even more seriously impede our ability to do business in just a few, short years.

Home USDOJ.GOV Privacy Policy Contact Us Site Map