The “El Chapo” Mexican drug cartel snooped on FBI personnel through hacked cameras, and listened in on their phone calls to identify and kill potential witnesses, the US Department of Justice has said. And seven years on, the Bureau’s defenses against this kind of surveillance are still inadequate.
The findings came to light in a June 2025 report from the DoJ’s Inspector General. It identifies a threat that it calls ubiquitous technical surveillance (UTS), in which an attacker combines different kinds of data to build up a detailed profile of a subject. This links the subject to events, locations, and things.
The report highlights several ways in which bad actors can snoop on the FBI:
- Visual and physical imagery (for example, photographing people)
- Interception of electronic signals like phone calls
- Analysis of financial transaction data
- Checking travel bookings
- Monitoring their online presence
“Some within the FBI and partner agencies, such as the Central Intelligence Agency (CIA), have described this threat as ‘existential’,” warned the report.
The document details just how damaging this type of surveillance can be. It explains that the Sinaloa drug cartel, operated by infamous drug lord Joaquín “El Chapo” Guzmán, had hired a black hat operator to target the FBI. The criminal offered “a menu of services related to exploiting mobile phones and other electronic devices”, said an informant who told the Bureau about it in 2018.
The black hat spied on people entering and leaving the US Embassy in Mexico City and identified people that the cartel would be interested in. These included the FBI Assistant Legal Attache (ALAT), the report explained. The document continues:
“Using the ALAT’s phone number the hacker was able to see calls made and received, as well as obtain the ALAT’s geolocation data. According to the FBI, in addition to compromising the ALAT’s phone, the hacker also accessed Mexico City’s camera system, used the cameras to follow the ALAT through the city, and identified people the ALAT met with. According to the case agent, the cartel used that information to intimidate and/or kill potential sources or cooperating witnesses.”
Much work still to do
Drug cartels are powerful organizations and it’s a scary thought that they’d be able to infiltrate an institution as hardened as the FBI. But the Bureau must surely have this in hand, right?
Not so fast. The Inspector General had already found some worrying shortcomings in the Bureau’s defenses against UTS, warning the FBI that it was “disjointed and inconsistent” in 2022. The Bureau responded by classifying UTS as a Tier 1 Enterprise Risk that year. It recruited a ‘red team’ of analysts to identify UTS vulnerabilities and suggest mitigating measures, but the gap analysis the team submitted was a single-page nothingburger, per the Inspector General’s report, and not adequate to protect the Bureau. It only covered three of six expected vulnerability categories.
The red team had been given a prior, far more detailed analysis called ‘Anatomy of a Case’ by the Bureau’s Counterintelligence Division, but didn’t include these findings. The FBI later said that this was just an outline and is now going back over the two documents.
The Bureau has also proposed a strategic plan to handle UTS, but an early outline of that strategy doesn’t identify who has the authority to run it. “We are also concerned that the forthcoming strategy will not adequately create clear lines of authority when the FBI must respond to UTS-related security incidents,” the report said, adding that the plan’s measures “do not provide a sufficiently clear, actionable long-term approach to address the UTS threat.”
The US had captured and imprisoned Guzmán several times but he kept escaping. Authorities recaptured him in 2016 and extradited him to the US the following year. He was sentenced to life imprisonment in 2019.