Here's the brief rundown on the Sedena data breach

What exactly was compromised, and who is responsible for the attack? Here is everything we know about the hacking of the Department of Defense's central office.

On Thursday night, September 29, several documents from the National Defense Secretariat (Sedena) were released after being obtained by a group of hackers called "Guacamaya" and shared by Latinus. President Andrés Manuel López Obrador acknowledged that the leaked information is real and said that the hacking happened because "a change is taking place" in the Sedena system. What information was revealed, who is behind the leaks, and what has the Mexican government said about it?

The Sedena hack

The leak consists of 6 terabytes of information from tens of thousands of emails hosted on Sedena servers, with files dating from 2016 to September of this year. This includes, for example, communications between the Secretary of National Defense, Luis Cresencio Sandoval, and Rafael Ojeda Durán, head of the Secretariat of the Navy, in addition to contracts linked to the Mayan Train and the Tulum Airport.

Part of this information shows that the President, Andrés Manuel López Obrador, was diagnosed with different health problems.

The documents showed that the President of Mexico has been hospitalized more than once. On January 2, an Army air ambulance had to go to the President's ranch in Palenque, Chiapas, to take him to the Central Military Hospital in Mexico City.

According to the leaked information, that day the president was diagnosed with "high-risk unstable angina", a heart condition that could lead to a heart attack. The leak also revealed that the president has been diagnosed with "gout" and "hypothyroidism".

More information than the president's health

In the first hours after the hacking was made public, it was confirmed that information was also obtained about high-impact military operations, including the so-called "Culiacanazo", the operation involving the arrest and subsequent release of Ovidio Guzmán López, son of Joaquín 'El Chapo' Guzmán Loera.

According to the files obtained, at 15:17 hours on October 17, 2019, security elements invited Ovidio Guzmán to persuade his brothers to cease their hostile attitude. "The leader of the Sinaloa Cartel established direct communication with Iván Archivaldo Guzmán Salazar, urging him to order the cessation of aggression, but his brother responded with a refusal and launched threats against military personnel and their families."

At 7:30 p.m., the order was received from the President of the Republic to cease the operation to detain Ovidio Guzmán López. The decision was made with personnel from the security cabinet so that the disturbances would cease, the document states.

In addition, the leak indicates that, contrary to the first official information that three people were killed in the operation, nine people actually died that day. So far, only some of the information that was found has been made public, but it is thought that this could be the worst cyberattack that the Mexican government has ever had to deal with.

Who are the Guacamaya hackers?

Behind the hacking of Sedena is the hacktivist group Guacamaya. The organization has also revealed information from the Chilean army, which they managed to penetrate, as well as from the Internet servers of the armies of El Salvador, Peru, and Colombia.

Guacamaya has released communiqués in which it points out that the leaks made are "in defense of nature" and "against the 'five centuries' (529 years) of genocide, terror, plundering, and violations of the territory of Abya Yala (the way they call America from Mexico to Patagonia)".

The organization declares itself against the colonialist states and the model established in the countries they dominated. The attacks launched, as they have pointed out, are a form of resistance, under which they demand a halt to exploitation, mining extraction, pollution, and the "desire for domination".

In addition, they have positioned themselves against military interventions, as they have denounced that in "a large part of the Abya Yalenses territories, the military power is behind the supposed civil and democratic governments, and from there arises this new model of government in some regions of 'narco-paramilitary states', where the state-military is combined with paramilitaries (illegal armies), giving them free action or being indistinguishable".

"The armed army is the one that does the dirty work of the states, of the companies, of organized crime such as drug trafficking. At the same time, they are obedient and trained directly by the North American empire that also physically has its bases in the territory of Abya Yala," the hacker group pointed out in a publication on the Internet.

"We deliver this to the peoples of Abya Yala to remove the dignified rage so that those who have not seen may see; to think and rethink ourselves in resistance, to rethink the liberation of the peoples and Mother Earth. We filtered military and police systems from Mexico, Peru, Salvador, Chile, and Colombia and we delivered this to those who legitimately do what they can with this information".

Guacamaya has invited other people to hack and leak these "systems of repression, domination, and enslavement".

This is not the first time hacktivists have attacked a government. On September 19, the group released more than 300,000 internal documents of the Joint Chiefs of Staff, which is made up of the three branches of the Chilean Armed Forces. This was one of their best-known cases.

AMLO acknowledges hacking

President López Obrador confirmed that the information about his health condition was true and that the hacking and theft of information from Sedena was caused by a change in the system.

"It is true there was a cybernetic attack; that is what they call the theft of information through these modern mechanisms; they extract files; they are very specialized people, not just anyone. I do not know if in Mexico there are specialists in this field of cybernetics. I understand that this same group has already done the same in other countries, I think in Colombia or Chile. That is why I think it is something that is handled from abroad, that is not from Mexico," said López Obrador.