29 Jun 2017

Mexico Takes Up Cyberarms

Author:

The Other White House 

There is another White House south of the border and a series of scandals to match.  A $7 million second home, known as “Casa Blanca”, was built for Mexican President Enrique Peña Nieto by a prominent government contractor. This apparent conflict of interest created a huge scandal. The journalists who investigated the “White House Scandal” along with much more serious crimes, were attacked with government-exclusive spyware, also known as cyberarms.  

Mexico paid $80 million for Pegasus, a set of powerful tools that can hack into a cell phone and remotely gain control of all data on the device. Pegasus can siphon off a copy of all text messages, browsing history, locations visited, email messages, and app data to a replica. The spyware can even turn on the phone camera to record video and the microphone to record conversations in the surrounding area of the phone, even when the phone appears off. source

The developer, a private company, claims that it will only sell Pegasus to governments who promise to use it exclusively to investigate alleged criminals and terrorists. But a private software vendor can never enforce such a restriction.  Mexico is already ignoring these restrictions by using the technology to monitor journalists, attorneys and academics who have been critical of their government.

Tech Essentials predicts that the cost of cyberarms will continue to decline, as the technology evolves. We expect to see cyberarms in the hands of government agencies, investigative firms or sophisticated commercial manufacturers, especially when the information they receive may permit them to win elections, steal industrial plans, or anticipate adversarial activities.

There is also a chance that an organization like Wikileaks will gain some of the code and publish it openly as it has in the past with CIA hacking tool source code. (Vault 7) If this happens, cyberarms could be accessible to any hacker in every corner of the world. 

According to Wired magazine, services offering end-to-end encryption protocols appear to be quite secure. These types of services were uncompromised after CIA documents were hacked and then released by WikiLeaks. The Wired article states, “The end-to-end encryption protocols underpinning these private messaging apps protect all communications as they pass between devices…”

End-to-end encryption services include encrypted chat apps and RMail® Registered Email ™ service. Customers use RMail services to ensure their email messages are encrypted in transit and at rest while in their inbox. Learn more at www.rmail.com