In recent days, the Guacamaya hackers once again demonstrated Latin America’s vulnerability in terms of cybersecurity, stealing and publicly exposing relevant information from public institutions in countries such as Mexico, Chile, and Colombia.
The Inter-American Development Bank (IDB) had already warned in early 2020 that only 12 of the 33 countries in the region have cybersecurity strategies. In fact, between April and May 2022, the Russian hacker group Conti hijacked the databases of two Peruvian and four Costa Rican ministries.
Guacamaya is making people talk, not only because of the amount of information leaked but also because of its sensitivity. For example, last August 7, the group leaked 5 Terabytes of emails from the office of the Attorney General of Colombia, who has been linked to several acts of corruption, as well as links to drug trafficking and paramilitary networks, political persecution, and assassinations. In addition, they shared a communiqué in which they branded the Attorney General’s Office as one of the most corrupt organizations.
In Chile, on September 19, they managed to penetrate the security system of the Joint Chiefs of Staff of the Armed Forces (EMCO), revealing about 400,000 e-mails of the organization, corresponding to 10 terabytes. The incident caused the resignation of the Chilean Chief of Staff, Guillermo Paiva, and led to a series of questions about the EMCO’s work.
And, according to the website DdoSecret.com, Guacamaya obtained 175,000 emails from the Peruvian Army, as well as 10 million emails from the National Civil Police and 250,000 from the Armed Forces of El Salvador. In both countries’ cases, the information has not yet been published.
Mexico is the latest victim, after the night of September 29th, one of the largest breaches of the Mexican Government’s cybersecurity systems took place, penetrating the systems of the Secretariat of National Defense (Sedena) and gaining access to thousands of confidential documents, corresponding to 6 terabytes.
Some of the documents revealed to refer to the state of health of President Andrés Manuel López Obrador (AMLO); differences between the heads of the country’s leading security corporations, the Sedena and the Secretariat of the Navy (Semar); as well as new information about what happened in the “Culiacanazo”, the operation for the arrest and subsequent release of Ovidio Guzmán López, son of Joaquín Guzmán, El Chapo, where the details of the recorded calls are recounted.
But one of the leaks that have caused a stir, is related to the Pegasus software by the Mexican Army, which bought it in 2019 to spy on activists and journalists during the government of López Obrador. So far, at least one activist and two journalists have found evidence on their phones of the tracking that the Armed Forces did to their personal information.
Guacamaya is a group from Central America that defends nature and has declared war on all those who threaten it in favor of capitalist ends promoted by the United States in Latin America. In a declaration, it stated its position against military and security corporations who “overshadow” human rights and freedoms. “This is why Guacamaya we filter into their systems and make public the very documentation of these entities of terror,” they said.
According to their manifesto, their attacks are against colonialist states and the model established in the countries they colonized. They define themselves as a group against “North American imperialism”, criticizing “the United States with its military and political interventions, together with the neocolonialism of extractivist companies, dividing up the territory of Abya Yala at will”. In addition, it indicates that “our task will be the defense of the territory, the water, the forests, the seas”, and they have well defined the area in which they intend to influence with their hacks: Abya Yala, the way they call America from Mexico to Patagonia.