Cyberwarfare / Nation-State Attacks
Fraud Management & Cybercrime
Governance & Risk Management
Probes Will Look Into the Legality of Spyware Purchase and Its Use
The Mexico attorney general’s office says it is investigating a previous presidential administration’s purchase of Pegasus advanced spyware, an announcement that comes just weeks after current President Andrés Manuel López Obrador denied using the espionage app to spy on two journalists and a human rights activist.
See Also: Building a Secure IoT Deployment Using 5G Wireless WAN
The office also says it is investigating a possible “illegal” sale by NSO Group. The Israeli maker of the smartphone espionage app deployed Pegasus for its own ends, the office charges.
Revelations the Mexican government used Pegasus during the six-year administration of Enrique Peña Nieto to spy on human rights leaders, journalists and anti-corruption activists exploded into a scandal in the year leading up to López Obrador’s 2018 election. Confidants and close family members, including López Obrador’s wife and children, were reportedly among those targeted – making an Oct. 2 report that Pegasus infections continue all the more startling.
The left-wing president has often denounced Pegasus, stating during a 2019 press conference, “We don’t do that, and we don’t do it out of principle.”
NSO Group says it limits sales of Pegasus to authorized states for use in national security and law enforcement investigations. The company is on a U.S. commercial blacklist and earlier this year reportedly broke off acquisition talks with a U.S. defense contractor after the White House voiced opposition. At its most advanced, Pegasus can infect a mobile device without the user having to click on a malicious link.
On Sunday, the Mexico attorney general’s office said its investigation into the acquisition of the spyware revealed a number of crimes, including embezzlement and criminal association by a now-former government official. Peña Nieto officials purchased the spyware for $457 million pesos – approximately US$23 million at current exchange rates – “without justification and by evading public bidding procedures,” the office said.
During his Oct. 4 daily press conference, López Obrador pushed back against reports that Pegasus continues to be deployed in Mexico. “I’m telling you that we don’t spy on anyone and I’m speaking the truth,” he said.
Researchers from the University of Toronto’s Citizen Lab and Mexican human rights organization Red en Defensa de los Derechos Digitales days earlier published findings showing three new Pegasus infections among journalists and a human rights activist. Red en Defensa de los Derechos Digitales says the infections originated from the Secretariat of National Defense.
Mexican news outlet Animal Político reported that included in Latin American military emails hacked by a group calling itself Guacamaya was 2019 correspondence between the secretariat and Mexico’s designated NSO commercial reseller referencing a contract for “remote monitoring services.”
An unnamed Animal Político writer is among the two targeted journalists. Editorial Director Daniel Moreno during an Oct. 3 press conference said two options exist, and both are very serious: Either López Obrador knew about the purchase or he didn’t, meaning that “the army is spying without the president’s authorization.”