Starting with the Covid 19 pandemic, We have seen an increase in cyber attacks in both quantitative and qualitative terms. In this context, Mexico has become a high-risk country. This is what the founder of Silikn explained Víctor Ruiz, who shared a comprehensive data collection with Cointelegraph in Spanish. The document contains descriptions of what is happening in this country.
Ruiz said, among other things, that registration of new domains related to coronaviruses has increased and that many of them could be used for malicious activities. Similarly, cybercriminals are targeting other aspects of the new life routine, including video conferencing applications, media transmission services, money transfers, money loans, and applications.
“Global interest in the corona virus has caused cybercriminals to use issues related to this problem to attract victims and to cause them to download malicious applications and files or to click malicious links. The attacks take place on many platforms and include coronavirus fraud, joke and deception, COVID-19 websites and emails that use the pandemic in their affairs and attachments, “said Ruiz.
Data in Mexico: a high-risk country
After analyzing 603 Mexican and foreign companies operating in the country and 72 government organizations, the research unit of SiliknI conducted a study that found that cyber attacks in Mexico put the country at high risk and already represent a red warning that takes into account must become. The following stood out among the data:
Organizations in Mexico were attacked an average of 1,116 times a week in the past six months compared to the 470 attacks per organization and organization worldwide.
The main malware in Mexico is Dridex, This affects 5% of organizations.
The main list of malware in Mexico includes two banking Trojans (Dridex, Ramnit), two botnets (Phorpiex, Emotet) and a crypto miner (XMRig).
53% of malicious files in Mexico were delivered over the Internetcompared to 18% of malicious files on a global scale.
The most common type of security vulnerability in Mexico is data loss and information loss. This affects 60% of the organizations.
Some of the recent cyber attacks in Mexico
The above data is reflected in various attacks in Mexico that have had a serious impact, particularly on the trust and reputation of the institutions concerned.
July 2020: The website of the National Commission for the Protection and Defense of Financial Service Users (Condusef) was attacked earlier this month. The cyber attack was attributed to anonymous Mexico. A day later, the main website of the Banco de México was the subject of an attempted cyberattack. And for the third time this week, a government agency website suffered a cyber attack. In this case, it was the Tax Administration Service (SAT) that registered business interruptions for approximately three hours. It should be noted that a few days earlier, the portal of the National Council for Prevention of Discrimination (Conapred) was attacked by suspected members of Anonymous Iberoamerica.
November 2019: Mexican state oil company Petróleos Mexicanos (Pemex) was infected with the DoppelPaymer ransomware in an incident that has been reported to affect less than 5% of its network. DoppelPaymer is a forked version of BitPaymer ransomware.
October 2019: Details on Simjacker have been released, including a list of countries where mobile operators still offer poorly configured SIM cards that are vulnerable to this attack. The vulnerability enables attackers to track the location, send SMS messages, and much more on certain mobile devices using specially formatted binary SMS messages. Active exploits of the vulnerability have been identified in Mexico, Colombia, and Peru.
August 2019: Hackers found a publicly accessible MongoDB database and replaced almost 1.2 million records with a ransom note. The database belongs to a bookstore in Mexico and contains confidential customer information such as full names, phone numbers, details of hashed payment cards and invoices.
February 2019: Mexican bank CIBanco suffered a ransomware attack. The malware spread over the network after one of the computers was infected.
August 2018: A campaign aimed primarily at Mexican users, called Dark Tequila, has been unveiled. The attackers, most likely based in Latin America, used a multi-level payload that was delivered to customers of various Mexican financial institutions to collect banking and credentials on popular websites.
March 2018: A group of North Korean hackers, also known as Lazarus, attacked Mexican commercial bank Bancomext to steal $ 110 million.
Some recommendations for protecting companies
With this situation in mind resulting from the COVID-19 pandemic, which keeps society in a temporary state of uncertainty, some of the measures that Victor Ruiz recommends that companies can take to prevent cybercriminal injury are as follows :
Training and education of all employees in questions of cybersecurity. By learning more about attackers and threats, you can avoid falling for tricks like phishing or ransomware-like actions.
Integrate cyber security strategies into business strategies.
Organizations need to create process and awareness campaigns to keep employees informed about cyber security policies and procedures.
In addition, organizations must create binding policies to generate secure passwords so employees can change them regularly, have a password encryption system, and create multiple authentication factors.
Carry out penetration tests (pentesting) to determine the weaknesses of companies and to remedy them in good time.
Acquire next-generation solutions that can prevent and stop known and unknown attacks rather than penetrating the systems and then trying to mitigate them.
You may be interested in: