Over the last five years, cybercriminals have found a way efficient, expedited and low-cost spending on receiving large sums of money inflicting the financial sector in Latin America, including Mexico, even when it comes to performing more complex attacks that require more time.
"Payment systems in Latin America and Mexico have become a new target for attackers to see that it is very easy to make fraudulent transactions resulting from the use of vulnerabilities in the web service," said Miguel Angel Mendoza, a security researcher from the ESET Latin laboratory America in an interview with El Financiero.
After eight years of cybercriminals, the nail struck the vector an attack called exploitation of vulnerable sites, which have benefited from failures in financial sector systems, such as those registered with the SPEI in Mexico, committed by groups with the characteristics of a persistent advanced threat (APT, abbreviated to Spanish language). English).
El Financier published on May 14 that during the attacks in April there would have been a robbery of about 400 million pesos, of which Banterte was the most affected bank with 150 million pesos.
"We have seen that kiberi are currently focused and focused on money-making – these are complex methods that they get higher values faster than if they were made with phishing campaigns or denial-of-service techniques (others types of attacks) because the results would be slower and lower, "explained the expert.
In 2018, 92% of banking institutions in Latin America suffered cyber attacks, according to the data of the Organization of American States (OAS). Mexico, Uruguay, Chile and Ecuador are among the countries most affected before this type of violation. The total number of losses in the region is unknown.
In the case of Mexico, although SPEI was not directly disturbed, cybercriminals damaged the infrastructure that banks connect to the web system.
"This does not mean it will always be the case, probably later they will be able to find a way to do so.There are shortcomings in the way the operations are done, either through the same process of the institution, in the technological infrastructure , or by attacking the supply chain of the service provider, "the investigator explained.
An invincible reality, according to ESET's research, is this vulnerabilities have become one of the main access doors for cybercriminals who know that The risk of being arrested in the region is very low.
In 2017, 14,700 vulnerabilities were recorded, representing a historical maximum in the region and double of those reported in 2016, according to CVE.
Link to this report, attacks on banking infrastructure are emerging as a trend that will increase with more complex ways of action, according to World Economic Forum estimates.
Why? generally, Mexico and the rest of Latin America are unprotected both in terms of legislation and cyber security in different digital sectors.
It is therefore necessary to propose within the framework of digital governance in the region:
An effective legislative framework covering this area, and in turn banks are protected significant budgets in cybersecurity, physical security, work control, and trust.
"In particular, standardization is needed to achieve the same level of security in web infrastructure, processes and operations through cyber-security centers and highly-qualified response teams," Mendoza said.
The recording of these incidents in Europe has decreased since the introduction of the General Data Protection Regulation (GDPR).
"When this law came out, everyone was forced to create tools and change their confidentiality messages, including measures that suggest that all requirements will be met." GDPR is needed in Mexico so that each bank knows how to react . "
Cybercats, which seemed unusual, have become commonplace and are already present one of the three biggest risks to the global economy, so they must be a priority part of the agenda of governments and banking institutions.