Mexico’s Defense Ministry leaks highlight blowback effect of hacking
Millions of leaked documents detailing the activity of Mexico’s intelligence agencies revealed cases of corruption but also tipped the cartels off and put government employees at risk
Three weeks ago, a group of hackers calling themselves Guacamaya targeted Mexico’s six intelligence-gathering centers, subsequently releasing millions of documents to the public. The breach of servers belonging to the Mexican Secretariat of National Defense (Sedena) laid bare the structure of the country’s intelligence apparatus.
The leaked emails, official letters, slideshows, infographics and spreadsheets reveal some of Mexico’s darkest secrets: from investigations into cartels and corrupt authorities, to the cases of missing soldiers and civilians. Documentation that has long been shared between the Mexican Army, Navy, National Intelligence Center (CNI), Attorney General’s Office, Sedena and six intelligence-gathering offices is now accessible online, revealing the depth of criminal activity in Mexico, as well as incidents of collusion between criminal groups and state officials.
A couple of particularly egregious cases revealed by Guacamaya include documents stating that elements of the National Guard purportedly allowed groups of fuel thieves to pass by their checkpoints in exchange of bribes last August. And earlier, in June, a state police officer in Jalisco was investigated for selling military-grade weapons to cartel members.
Until now - despite its central role in the fight against crime in Mexico - little has been revealed about the country’s intelligence apparatus. In an interview with EL PAÍS a few years ago, Guillermo Valdés, the director of the CNI during right-wing President Felipe Calderón’s six-year term (2006-2012), confirmed that the first intelligence-gathering center was set up at the end of 2010, in the middle of the drug war. Valdés said that the Calderón administration decided to focus its efforts on Los Zetas, a criminal group that, unlike most of its competitors, based its economy on extorting businesspeople and migrants, in addition to drug trafficking. Hence, the first center was based in the state of Nuevo León, a stronghold of Los Zetas.
“For example, we had an incomplete map of the organizational structure of Los Zetas,” Valdés explained. “We knew who the commander of the state of San Luis Potosí was, but what about the bosses in each of the five biggest cities? To find out, we would detain some of the criminals operating there and interrogate them. Then, we would do an operation. We arrived at a house, seized it; the Attorney General’s office had to attest to everything that was done there. Computer equipment was confiscated, hard drives were copied… all the information was taken to the intelligence centers to be processed, which would then generate more information to help us conduct other operations.”
Valdés insisted that this model of intelligence fusion - by which all information began to be shared and analyzed between departments and where the criminals’ communications were being constantly monitored - allowed the government to drastically reduce the influence of Los Zetas; no small feat considering the atrocities that were frequently committed by the cartel, such as the public display of victims’ bodies. However, critics point out that the dismantlement of major cartels via intelligence-gathering and targeted operations has not significantly improved the state of insecurity engulfing Mexico.
The documents leaked by Guacamaya include a number of messages exchanged between underworld characters, along with coordinates for residential, commercial and agricultural properties belonging to various criminal organizations. The tapping of mobile devices and the interception of texts and emails has allowed the Mexican security forces to carry out many surprise raids. One of the recent notable ones took place on August 9, when the Army raided a ranch in Ixtlahuacán, gatecrashing a high-level meeting between drug traffickers. President Andrés Manuel López Obrador - whose cardiac conditions were also leaked in the Guacamaya hack - even came out in praise the success of the operation.
The generation of information by Mexico’s intelligence community has been constant, as demonstrated by the six terabytes of data that were hacked. Guacamaya has released documents that have not only jeopardized investigations - such as spreadsheets listing tapped telephone lines - but have also compromised the safety of government employees. Emails concerning personnel changes, absences, disciplinary reports, vacation requests and sick leaves have been released. The vulnerabilities in Mexico’s cybersecurity infrastructure have been exposed, with dangerous implications for those who are a part of it.
The risk is that leaks like these will give those being investigated an advantage, while setting back the efforts of Mexico’s intelligence officials. That being said, the revelations of collaboration between some members of the security forces and criminal organizations is extremely troubling. This will raise alarms about the trustworthiness of the institutions that are supposed to be protecting Mexico’s general public.