Mexican Secretary of State for Human Rights, Alejandro Encinas, was spied on using the notorious Pegasus spyware while investigating misconduct by the Mexican military. This was reported by the US newspaper New York Times, citing several people familiar with the case and an independent forensic analysis. Encina’s cellphone was infected multiple times, most recently last year while he was heading a government truth commission on kidnappings. The hackers gained unhindered access to all of Encina’s digital activities, according to several unnamed witnesses.
Encina has accused the Mexican army of being involved in the disappearance of 43 Ayotzinapa student teachers, one of the worst human rights violations in the country’s recent history. The phones of two other government officials working with Encinas and involved in investigations into violations by the armed forces were also said to have been infected with Pegasus. Mexican government agencies used the malware to spy on journalists, human rights activists, and anti-corruption fighters.
While there is no definitive evidence as to which agency spied on Encinas, the report stated that the only entity in Mexico with access to the spyware is the military. According to the New York Times, this case “is a clear sign of how permissive surveillance has become in Mexico, where no one, including the president’s allies, seems off-limits.”
The Israeli manufacturer NSO Group’s Pegasus software is only licensed to government agencies. Eduardo Bohorquez, director of the Mexican affiliate of Transparency International, stated that “When someone as close to the president as Alejandro Encinas is being targeted, it is clear that there is no democratic control over the spy tool.” At the beginning of the year, the Mexican data protection authority INAI demanded that the Ministry of Defense disclose the contracts for the Pegasus spy software.
The NSO Group has reportedly launched an investigation into the cyber attacks in Mexico following recent media reports of the use of spy software by the Mexican military. The company’s Pegasus spy software has been misused by governments around the world for years to spy on political dissidents, human rights activists, and journalists. According to the FBI, it bought Pegasus for research purposes.
In early November 2021, the White House blacklisted NSO from the Department of Commerce, declared the company a national security threat, and sent the message that US companies should not do business with it. This ban has probably been circumvented by bogus companies. The NSO is now examining whether the deployment of Pegasus in Mexico violates the agreement made when licensed for sale to government agencies.
