Feeds

New leak claim: NSA saw hole in Mexican prez's email box - and hacked it

Operation Flatliquid sparks further fury down south

High performance access to file storage

America's relationship with its nearest southerly neighbor are frostier than before after it was claimed that in May 2010 the NSA conducted an operation dubbed Flatliquid that hacked the contents of the then-Mexican president's inbox.

According to documents leaked to Der Spiegel, a division of the NSA dubbed Tailored Access Operations (TAO) reported successfully penetrating the public email systems of President Felipe Calderón, who stepped down from office in December 2012. The account was used for communication with other staff and was described in the once top-secret report as "a lucrative source."

NSA report on hacking Mexican president's email

'South of the border, down Mexico way'

"TAO successfully exploited a key mail server in the Mexican Presidencia domain within the Mexican Presidential network to gain first-ever access to President Felipe Calderon's public email account," the partially redacted document states.

The alleged backdoor allowed "diplomatic, economic and leadership communications which continue to provide insight into Mexico's political system and internal stability," states the report, leaked by NSA whistleblower Edward Snowden.

Calderón and the Mexican government have reacted angrily to the news. On his personal Twitter account, the former president said that the NSA's actions were "more than personal, are an affront to the nation's institutions, since they were carried out during my tenure as president of the republic," and called on the Mexican authorities to investigate.

The Mexican foreign ministry has already announced an investigation by the Attorney General and called the actions "unacceptable, illegal." In a statement to the BBC it said "in a relationship between neighbours and partners, there is no place for the alleged practices."

The leak is an embarrassing one for the US, since it is already investigating itself for allegedly hacking the email of current Mexican president Enrique Peña Nieto last summer during his election campaign. Documents slipped to local news television station Fantastico in September showed the NSA had copies of Peña Nieto's email conversations, including discussions about likely ministerial appointments.

The same reports suggested that the NSA had also comprehensively pwned the email accounts of the Brazilian president Dilma Rousseff and some of her aides, as well as those of the state oil company Petrobas.

President Rousseff cancelled a visit to the US in protest and at the recent G20 meetings in Russia, President Obama promised that both hacking reports would be investigated.

"What I got from President Obama was a commitment to a full investigation... and if they turn out to be true to impose corresponding sanctions," said President Peña Nieto at the time. El Reg wonders how this latest report will factor into negotiations. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.