In the last five years they have found a way to cybercriminals efficient, accelerated and low cost, to obtain large amounts of money to attack the Latin American financial sector, including Mexico, even more complex attacks that require more time.
"Latin America and Mexico's payment system has become a new target for attackers to easily convert transaction fraud into exploitation of web services weaknesses," said Miguel Ángel Mendoza, security researcher at ESET Latin America's laboratory, in El Financiero.
After eight years, the "cybercriminals" nails hit the vector The attack is called exploitation of weaknesses, which made it possible to make use of the deficiencies in financial sector systems, such as the Electronic Payment System (SPEI), Mexico, registered violations, according to the characteristics of the Persistent Advanced Threat (APT). English).
El Financiero published on May 14 the robbery of around 400 million pesetas during the attacks in April, which resulted in the Banorte bank being the highest amount of $ 150 million.
"We have seen cybeques focused on targeting and extracting money. These complex methods achieve more complex methods, as phishing campaigns or Service Denial Techniques (DoC) techniques are more rapidly achieved, because the results will be slower and smaller." explained the specialist.
In 2018, The percentage of Latin American banking institutions suffered a hundred percent attacks, According to data from the Organization of American States (OAS). Mexico, Uruguay, Chile and Ecuador are among the most affected countries before this type of violation. The number of loss of the region is unknown.
In the case of Mexico, even though SPEI was not violated directly, cyber attackers were damaged by this infrastructure, by connecting the banks to the web system.
"This does not mean that this will always be, they will probably find a way later. Until now, crafts have been identified in how operations are carried out through the same institutional process, through a technological infrastructure or through a supply chain of the service provider," he explains. researchers
This is a magnificent reality, according to ESET studies weaknesses have become one of the main access points Those who use cybercrime know this The risk in the region is very small.
In 2017, 14,700 weaknesses were registered, that is, the historic majority of the region and those reported in 2016, according to CVE details.
With this report, manually As a new trend in emerging attacks on banking infrastructures, more sophisticated action will be increased, According to the World Economic Forum.
Why? basically, Mexico and other Latin American parliamentarians and cybersecurity are protected in different digital sectors.
For this reason, it is necessary to propose that it be within the regional digital government:
Effective legislative area for covering this area, and at the same time banks are protected significant budgets in cybersecurityphysical security, operation and trusted controls.
"Specifically, standardization is required to achieve the same level of security for web infrastructures, processes and operations through Cybersecurity Centers and through highly trained response issues," said Mendoza.
The record of these European events has fallen when the Data Protection General Data (GDPR) is downloaded.
"When this law came out, they all created new tools and changed their privacy statements, including the measures involved," GDPR "needs Mexico as a response to how all banks can respond."
The cyberbulbs seemed to have become commonplace and already imagined Three of the three biggest global economic risksTherefore, the agenda of government and banking organizations must be a priority.