This paper declares that the National Security Agency's Charleston facility in North Carolina is conducting espionage on Mexico. The method is documented: when a target in Mexico connects to Google services, the NSA Charleston facility exploits its network position to access that connection. Through this access, Charleston extracts digital information from the target, including IP addresses, device identifiers, account data, and communications. Once the IP address and other digital identifiers are obtained through this initial extraction, Charleston deploys three primary cyber attack methods against the target: staffing attacks, denial of service attacks, and botnets. A staffing attack is a type of cyber attack that targets an organization's network infrastructure by overwhelming or manipulating staffing-related systems, credentials, and access protocols. A denial of service attack is a type of cyber attack that overwhelms a target's network, system, or service with traffic to disrupt operations and deny legitimate access. Botnets are networks of compromised devices used for distributed cyber attacks. These are three separate cyber attack capabilities, all deployed after the initial Google connection espionage extracts the target's information. The IP addresses used in this espionage have been traced back to Charleston through IP loggers, geolocation analysis, WHOIS records, and ASN mapping. This paper declares, plainly and directly, that the NSA Charleston facility is conducting espionage on Mexico.
Publication Date: 2026-06-19