Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Mexican Privacy Watchdog Criticizes Government Over Spyware

Mexico’s privacy watchdog said Wednesday that the federal Attorney General’s Office stonewalled it for more than a year as it tried to investigate the government’s use of powerful Israeli spyware against journalists, lawyers and activists.

Mexico’s privacy watchdog said Wednesday that the federal Attorney General’s Office stonewalled it for more than a year as it tried to investigate the government’s use of powerful Israeli spyware against journalists, lawyers and activists.

Commissioners of Mexico’s Institute for Transparency, Access to Information and Protection of Personal Data said that just this week the Attorney General’s Office provided for the first time licensing contracts from 2016 and 2017 for the Pegasus software from Israel’s NSO Group.

Initially, the office denied the contracts existed, then refused to divulge them before eventually capitulating.

Commissioners were incredulous Wednesday at the idea that the government would spend $32 million on software and then maintain that it hadn’t used it. They said the government earlier told them it had no records of the software being employed.

“When I’m going to buy something it’s because I’m going to use it,” commissioner Oscar Guerra Ford said.

In the improbable case that it really wasn’t used, there should be an explanation for why something so expensive — almost the annual budget for INAI — was purchased but not used, he said.

“It’s evident that there’s something strange,” Guerra said. He urged the new autonomous prosecutors’ office to essentially investigate itself.

In 2017, the internet watchdog Citizen Lab released its investigation that found some of Mexico’s most prominent journalists had been targeted by the spyware. Journalists Carmen Aristegui and Carlos Loret de Mola had been investigating government corruption and alleged human rights violations by security forces.

It also found evidence that members of an international team of experts backed by the Organization of American States investigating the 2014 disappearance of 43 students in Mexico were targeted.

The University of Toronto-based Citizen Lab said the software was capable of not only accessing all of the information on a target’s cellphone, but also of turning the phone into a spying device by activating its camera and microphone.

NSO had said the software was only sold to governments for the purposes of fighting crime and terrorism.

At the time, the Mexican government flatly denied any of its entities had targeted human rights defenders, journalists, anti-corruption activists or anyone else without prior judicial authorization.

Citizen Lab said it identified targeted messages sent in 2015 and 2016. Among the other targets were members of the Centro Miguel Agustin Pro Juarez, a prominent human rights group, and Mexicans Against Corruption and Impunity.

The software has been implicated in cases of misuse elsewhere as well.

In December, a Saudi Arabian dissident filed a lawsuit in Israel alleging that NSO software was used to monitor Saudi journalist Jamal Khashoggi before his killing in Turkey in October. NSO has called the lawsuit “completely unfounded.”

Related: Cyber Attack Aims to Manipulate Mexican Election

Related: Hackers Steal ‘$15.3 Million’ From Mexico Financial System

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.