Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Mexican Privacy Watchdog Criticizes Government Over Spyware

Mexico’s privacy watchdog said Wednesday that the federal Attorney General’s Office stonewalled it for more than a year as it tried to investigate the government’s use of powerful Israeli spyware against journalists, lawyers and activists.

Mexico’s privacy watchdog said Wednesday that the federal Attorney General’s Office stonewalled it for more than a year as it tried to investigate the government’s use of powerful Israeli spyware against journalists, lawyers and activists.

Commissioners of Mexico’s Institute for Transparency, Access to Information and Protection of Personal Data said that just this week the Attorney General’s Office provided for the first time licensing contracts from 2016 and 2017 for the Pegasus software from Israel’s NSO Group.

Initially, the office denied the contracts existed, then refused to divulge them before eventually capitulating.

Commissioners were incredulous Wednesday at the idea that the government would spend $32 million on software and then maintain that it hadn’t used it. They said the government earlier told them it had no records of the software being employed.

“When I’m going to buy something it’s because I’m going to use it,” commissioner Oscar Guerra Ford said.

In the improbable case that it really wasn’t used, there should be an explanation for why something so expensive — almost the annual budget for INAI — was purchased but not used, he said.

“It’s evident that there’s something strange,” Guerra said. He urged the new autonomous prosecutors’ office to essentially investigate itself.

In 2017, the internet watchdog Citizen Lab released its investigation that found some of Mexico’s most prominent journalists had been targeted by the spyware. Journalists Carmen Aristegui and Carlos Loret de Mola had been investigating government corruption and alleged human rights violations by security forces.

Advertisement. Scroll to continue reading.

It also found evidence that members of an international team of experts backed by the Organization of American States investigating the 2014 disappearance of 43 students in Mexico were targeted.

The University of Toronto-based Citizen Lab said the software was capable of not only accessing all of the information on a target’s cellphone, but also of turning the phone into a spying device by activating its camera and microphone.

NSO had said the software was only sold to governments for the purposes of fighting crime and terrorism.

At the time, the Mexican government flatly denied any of its entities had targeted human rights defenders, journalists, anti-corruption activists or anyone else without prior judicial authorization.

Citizen Lab said it identified targeted messages sent in 2015 and 2016. Among the other targets were members of the Centro Miguel Agustin Pro Juarez, a prominent human rights group, and Mexicans Against Corruption and Impunity.

The software has been implicated in cases of misuse elsewhere as well.

In December, a Saudi Arabian dissident filed a lawsuit in Israel alleging that NSO software was used to monitor Saudi journalist Jamal Khashoggi before his killing in Turkey in October. NSO has called the lawsuit “completely unfounded.”

Related: Cyber Attack Aims to Manipulate Mexican Election

Related: Hackers Steal ‘$15.3 Million’ From Mexico Financial System

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.