This Thursday the fact that the Secretary of National Defense (Sedena) suffered a hack with six terabytes of information was made public, but these are not the only military forces that the group of hacktivists ‘ Guacamaya ‘ has attacked in Latin America, in addition to which have also targeted oil and mining companies.
Who are Macaw hackers?
According to a manifesto published by the group of hackers, it goes against the colonialist states and the model established in the countries they colonized. They define themselves as a group against “North American imperialism”, they criticize “the United States with its military and political interventions, together with the neo-colonialism of extractive companies, the territory of Abya Yala is distributed as it pleases”.
“Our task will be the defense of the territory, the water, the forests, the seas”, can be read in the writing and they also have a well-defined area in which they plan to affect with their hacks: Abya Yala, the way they call to America from Mexico to Patagonia.
The military forces have been one of their main targets, because they are considered instruments of colonialism. “It is in these supposed independences and in a supposed path to freedom and democracy, where the armed armies are created under political constitutions”, they mention.
What other countries have Guacamaya attacked?
This is not the first time that hacktivists have attacked a government. One of its most publicized cases occurred on September 19 in Chile, when the group released more than 300,000 internal documents from the Joint Chiefs of Staff (made up of the three branches of the Chilean Armed Forces).
The documents ranged from February 2019 to May 2022, according to information from the local press, and among them were intelligence reports classified as secret. In short, the amount of information they obtained after that attack reached 10 TB.
Due to this fact, the Chilean president, Gabriel Boric, instructed his Defense Minister, Maya Fernández, to return to the country, since both were in the US in the framework of the 77th United Nations General Assembly.
After releasing the information on Chile, the group mentioned that as part of its Operation Forces Represivas, they would carry out more data leaks in Peru, Salvador, Colombia and Mexico.
In early August, in Colombia, 5 TB of emails from the Attorney General’s office were revealed, which has been linked to various acts of corruption. In addition, the DdoSecret site reported that the group obtained 175,000 emails from the Peruvian Army, as well as 10 million emails from the National Civil Police and 250,000 from the Salvadoran Armed Forces, although in neither case has the information been made. public.
On the other hand, the group has also attacked mining and oil companies. On March 6, for example, he hacked the communication systems of the Phoenix Mining Project, of the Guatemalan company Níquel, as well as other Brazilian, Chilean, Ecuadorian, Colombian and Venezuelan companies.
Cybersecurity in Mexico and Latam is a simple goal
The lack of investment and constant attacks are a common aspect for cybersecurity in Mexico and Latin America. According to , Mexico is below countries such as Kenya, Sri Lanka, Brazil, Panama, Chile or Nigeria.
On the other hand, Francisco Robayo, director of engineering at Check Point, that Latin America is one of the most affected regions globally, since while a company is attacked 1,116 times a week worldwide. In the area, the average is 1,586 times per week.
Despite the fact that the number of attacks has increased over the years, specialists agree that throughout the region, both companies and governments still do not give them the importance or budgets necessary to attend to prevention.
In 2021, Sophos recorded that the average ransom payment was $812,360; however, these figures are not exact, since there is no general legislation that obliges companies and governments to make transparent the attacks they have received.
“Not all companies and governments have really measured the effects of cybercrime, there is still no joint strategy to combat cyberthreats,” said Robayo.
An example of this is that this is not the first attack by a group of hackers against Mexican institutions. In May, the Conti group, which also attacked Costa Rica, threatened various organizations, such as the Mexican Institute of Social Security, the Ministry of Finance and Public Credit, Pemex and Banxico.
