Ricardo Sanchez, spokesman for Mexico’s Attorney General, announced a request for the U.S. FBI to independently analyze cell phones and records which are evidence in a controversial investigation. Mexico’s President, Enrique Peña Nieto, is accused of ordering the surveillance of reporters and activists. Those involved recently filed suit in Mexico claiming their phones had been targeted by sophisticated techniques to install programs that are only sold to government agencies. Calling the charges “false,” Peña Nieto welcomes the investigation.
Enrique Peña Nieto took office in 2012, promising to “lift Mexico to its rightful place on the world stage” and his party started making needed changes. All of that hit a brick wall by 2014 as the Peña Nieto administration was bogged down with a growing list of scandals. Included were 43 student teachers vanished after clashing with police and Peña Nieto’s wife was accused of landing a sweetheart deal on a multi-million dollar home. As the President’s approval rating fell through the floor, it was the journalists, activists and lawyers responsible for bringing the issues to light that took the heat.
Preliminary investigations show the phones involved were infected by a program called “Pegasus” that was created by an Israeli cyber weapon manufacturer, NSO group. They only sell the program to governments and make them agree to only use it in connection with suspects of terror groups, drug cartels and other serious criminals. At least three of Mexico’s federal agencies own almost $80 million worth of the firm’s products.
Pegasus “infiltrates smartphones to monitor every detail of a person’s cellular life — calls, texts, email, contacts and calendars. It can even use the microphone and camera on phones for surveillance, turning a target’s smartphone into a personal bug.” Before it can do that, the owner has to be tricked into clicking a link to install the software.
Juan E. Pardinas, general director for Mexican Institute for Competitiveness has been aggressive in bringing anti-corruption laws. Both his wife’s iPhone and his were targeted. “We are the new enemies of the state,” he says.
While at the beach with his family just before Christmas in 2015, Pardenas’ phone got an unusual text. “My father died at dawn, we are devastated, I’m sending you the details of the wake, I hope you can come.” Whoever sent it was not one of his contacts. He showed it to his wife and ignored it. After continuing his criticism of the government, another text came in that referred to the name of his company. Again he was suspicious and chose not to click the link.
After more similar attempts, the focus shifted to his wife. She got a text saying there were leaked videos of her husband having sex with a staff member. The same text was sent to a co-worker of Pardenas. By August, he got one at work saying there were armed men in a truck outside his house. Pardinas called home to have his wife look out the window. “By the end, my wife had Olympic-style training in this hacking stuff.”
Carmen Aristegui, broke the “Casa Blanca” story about a special deal the President’s wife got on a house.
The scandal forced her to give it up but they managed to avoid a government inquiry and the President was eventually cleared. Aristegui was fired. She also relates she was subjected to lawsuits, office break-ins and threats as revenge for her reporting. Then the strange texts started. One about a missing child, then an alert about her credit card. One particularly noteworthy seemed to come from the American Embassy and said there was a problem with her Visa, which is a violation of U.S. law. Similar to what happened with Pardenas, when they could not get her to take the bait, they targeted her 16-year-old son who was living in the U.S.
Loret de Mola who is a newscaster for Televisa was targeted by at least eight messages containing the Pegasus software. Mario E. Patrón, a human rights activist, working on the disappearance of several students, was infected when a text came in looking like a news story he was expecting. When he opened it, a blank page came up. Just like that, “he fell into their trap.” Two lawyers working with the group were also infected.
While there is no firm proof that the Mexican government was responsible, the government owns and uses the software involved. Each of the hacking episodes were personalized to the target. Those targeted were very effective critics of the administration. According to cyber security experts, the quality of the hacking tools used is “as good at it gets.” It is very unlikely that this is the work of cyber-criminals.
After looking at the data already discovered, most of the experts agree that there are not many doubts either the Mexican government, or someone acting on their own within the government, was involved.
The government admits gathering intelligence legally against legitimate suspects and denies any surveillance without prior court approval. The security experts consulted say that is misleading and find it very unlikely the government ever even asked for approval to hack these particular phones. “Mexican security agencies wouldn’t ask for a court order, because they know they wouldn’t get one,” Eduardo Guerrero, formerly of Mexico’s intelligence agency said. “There, of course, is no basis for that intervention, but that is besides the point,” he added. “No one in Mexico ever asks for permission to do so.”