In early September, further attempts to spy on activists in Mexico were confirmed. The president of Mexicans Against Corruption and Impunity (MCCI), an organization dedicated to investigative journalism, received several SMS messages that were intended to infect his mobile device with malicious software.
According to The New York Times, Claudio X. González Guajardo was threatened with Pegasus, a sophisticated espionage tool or “spyware” sold exclusively to governments that was acquired by the Mexican government in 2014 and 2015, with the alleged intention of combating organized crime. Once installed, Pegasus spyware allows the sender or attacker to access files on the targeted device, such as text messages, emails, passwords, contacts list, calendars, videos and photographs. It even allows the microphone and camera to activate at any time, inadvertently, on the infected device.
In an interview with journalist Carmen Aristegui, MCCI investigative journalism director Salvador Camarena pointed out that the messages received by González Guajardo indicated the following (it should be noted that both Aristegui and Camarena also suffered attacks using the same espionage technology):
Abogado, acabo de recibir esta notificación del MP y me URGE que me ayude a dar respuesta. Se lo adjunto (LINK)”
Hola Claudio, aparte de saludarte, paso a compartirte esta nota de Proceso donde hacen mención de tu nombre (LINK)”.
Señor Claudio, le comparto esta nota del Universal donde hacen mención de usted de forma deplorable, mire: (LINK)”.
Couselor, I just received this notification from the MP and he URGES me to help give a response. It is attached (LINK)”
Hello Claudio, apart from greeting you, I'm sharing this note from [the media outlet] Proceso where they mention your name (LINK)”
Mr. Claudio, I want to share this note from El Universal, where they mention you in an unfavorable way, look: (LINK).”
The Citizen Lab at the University of Toronto confirmed that the links in each of the messages received by González Guajardo were infected with Pegasus spyware. González Guajardo is the 22nd person not involved with organized crime who researchers have confirmed was targeted with Pegasus in Mexico:
— citizen lab (@citizenlab) August 30, 2017
Each of the infection attempts, documented in an investigation jointly conducted by digital rights and civil liberties organizations Article 19, Network in Defense of Digital Rights (R3D), SocialTIC and Citizen Lab, occurred at critical junctures related to the work of espionage targets:
- Journalist Carmen Aristegui and her team received multiple messages with malicious links while investigating acts of corruption by the Mexican government that involved the presidential couple and specifically President Enrique Peña Nieto.
- Carlos Loret de Mola was targeted while he was documenting extrajudicial executions carried out by the Federal Police in Tanhuato, Michoacán.
- The legal team of The Miguel Agustín Pro Juárez Human Rights Center (Centro Prodh) were targets of this technology while working on various cases such as the forced disappearance of the 43 students of Ayotzinapa and acts of sexual torture by police officers in San Salvador Atenco in 2006.
- The legal defense teams of the families of activist Nadia Vera and journalist Rubén Espinosa, who were murdered along with Alejandra Negrete, Yesenia Quiroz Alfaro and Mile Virginia Martin in 2015, also received suspicious messages at the end of that year.
- Health rights activists received messages as they prepared a campaign to support a tax on sugar-sweetened beverages in the country.
- Members of the Mexican Institute for Competitiveness (IMCO) received infection attempts while leading efforts to pass the citizens’ initiative to combat political corruption in the country, known as “Law 3 out of 3.”
- Personnel from Mexicans Against Corruption and Impunity (MCCI) were attacked following the publication of a report on the ghost business network headed by the former governor of Veracruz, Javier Duarte.
- The Interdisciplinary Group of Independent Experts (GIEI) appointed by the Inter-American Commission on Human Rights (IACHR) to investigate the case of the forced disappearance of the 43 students of Ayotzinapa was also targeted by Pegasus technology.
Now, following recent revelations by The New York Times, we know that this has not been the only intimidating tactic aimed at hampering the work of the organization and silencing, in particular, its director, González Guajardo.
— R3D (@R3Dmx) 21 de agosto de 2017
Not even the diplomatic immunity of the @GIEIAYOTZINAPA prevented that they were the objective of the #SpyGovernment
Similarly, it is no small matter that attempts at espionage have also been directed against members of the National Action Party (PAN), a party opposed to that of the current federal government.
In addition to these revelations, this same week, a former agent of the National Security and Research Center (CISEN), Rodolfo Raúl González Vázquez, publicly denounced political espionage activities attributed to the former governor of Puebla, Rafael Moreno Valle Rosas, and the federal representative, Eukid Castañón Herrera, through the use of spying software developed by the Italian company, Hacking Team.
In early January of this year, The New York Times itself published an extensive report covering, among other things, the use of such software (in particular the ‘Galileo’ Remote Control System) for political espionage during the internal elections of the National Action Party in Puebla, Mexico.
The extensive network of spyware acquired and operated under the administration of the now former-governor of Puebla and aspirant president of the country, Rafael Moreno Valle, had already been evidenced in the investigative journalism carried out by the independent media Animal Político and Lado B in 2015.
Recent statements by former CISEN agent Rodolfo Raúl González Vázquez not only confirm the existence of the network, but also reveal the size of its scope and objectives, which he declared to Aristegui Noticias:
Amantes, vicios y negocios” era lo que los empleados que operaban la red tenían que encontrar entre los adversarios del aspirante presidencial, los activistas, críticos y periodistas e incluso sobre prominentes integrantes de su grupo político.
Lovers, vices, and businesses’ was what the employees who operated the network had to find among the opponents of the presidential candidate, activists, critics, and journalists and even prominent members of his political group.
The abundance of examples and technical evidence unearthed by this range of civil society groups and media outlets strongly indicates that these sophisticated espionage tools acquired by the Mexican government are not being used for legitimate purposes. From the opacity in its acquisition and use, to the many investigations and revelations that have arisen in recent times, it appears more and more likely that these intrusive technologies are being used to intimidate and silence dissent.