Feeds

New leak claim: NSA saw hole in Mexican prez's email box - and hacked it

Operation Flatliquid sparks further fury down south

Internet Security Threat Report 2014

America's relationship with its nearest southerly neighbor are frostier than before after it was claimed that in May 2010 the NSA conducted an operation dubbed Flatliquid that hacked the contents of the then-Mexican president's inbox.

According to documents leaked to Der Spiegel, a division of the NSA dubbed Tailored Access Operations (TAO) reported successfully penetrating the public email systems of President Felipe Calderón, who stepped down from office in December 2012. The account was used for communication with other staff and was described in the once top-secret report as "a lucrative source."

NSA report on hacking Mexican president's email

'South of the border, down Mexico way'

"TAO successfully exploited a key mail server in the Mexican Presidencia domain within the Mexican Presidential network to gain first-ever access to President Felipe Calderon's public email account," the partially redacted document states.

The alleged backdoor allowed "diplomatic, economic and leadership communications which continue to provide insight into Mexico's political system and internal stability," states the report, leaked by NSA whistleblower Edward Snowden.

Calderón and the Mexican government have reacted angrily to the news. On his personal Twitter account, the former president said that the NSA's actions were "more than personal, are an affront to the nation's institutions, since they were carried out during my tenure as president of the republic," and called on the Mexican authorities to investigate.

The Mexican foreign ministry has already announced an investigation by the Attorney General and called the actions "unacceptable, illegal." In a statement to the BBC it said "in a relationship between neighbours and partners, there is no place for the alleged practices."

The leak is an embarrassing one for the US, since it is already investigating itself for allegedly hacking the email of current Mexican president Enrique Peña Nieto last summer during his election campaign. Documents slipped to local news television station Fantastico in September showed the NSA had copies of Peña Nieto's email conversations, including discussions about likely ministerial appointments.

The same reports suggested that the NSA had also comprehensively pwned the email accounts of the Brazilian president Dilma Rousseff and some of her aides, as well as those of the state oil company Petrobas.

President Rousseff cancelled a visit to the US in protest and at the recent G20 meetings in Russia, President Obama promised that both hacking reports would be investigated.

"What I got from President Obama was a commitment to a full investigation... and if they turn out to be true to impose corresponding sanctions," said President Peña Nieto at the time. El Reg wonders how this latest report will factor into negotiations. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.