Over the last five years, cybercriminals have found a way efficient, expedited and low-cost spending on receiving large sums of money inflicting the financial sector in Latin America, including Mexico, even when it comes to performing more complex attacks that require more time.
"Payment systems in Latin America and Mexico have become a new target for attackers to see that it is very easy to make fraudulent transactions resulting from the use of vulnerabilities in the web service," said Miguel Angel Mendoza, a security researcher from the ESET Latin laboratory America in an interview with El Financiero.
After eight years of cybercriminals, the nail struck the vector an attack called exploitation of vulnerable sites, which have benefited from failures in financial sector systems, such as those registered with the SPEI in Mexico, committed by groups with the characteristics of a persistent advanced threat (APT, abbreviated to Spanish language). English).
El Financier published on May 14 that during the attacks in April there would have been a robbery of about 400 million pesos, of which Banterte was the most affected bank with 150 million pesos.
"We have seen that kiberi are currently focused and focused on money-making – these are complex methods that they get higher values faster than if they were made with phishing campaigns or denial-of-service techniques (others types of attacks) because the results would be slower and lower, "explained the expert.
In 2018, 92% of banking institutions in Latin America suffered cyber attacks, according to the data of the Organization of American States (OAS). Mexico, Uruguay, Chile and Ecuador are among the countries most affected before this type of violation. The total number of losses in the region is unknown.
In the case of Mexico, although SPEI was not directly disturbed, cybercriminals damaged the infrastructure that banks connect to the web system.
"This does not mean it will always be the case, probably later they will be able to find a way to do so.There are shortcomings in the way the operations are done, either through the same process of the institution, in the technological infrastructure , or by attacking the supply chain of the service provider, "the investigator explained.
An invincible reality, according to ESET's research, is this vulnerabilities have become one of the main access doorsfor cybercriminals who know that The risk of being arrested in the region is very low.