Kaspersky Reports 42.4 Million Cyberattacks Targeting Mexico

As of 3Q24, companies in Mexico experienced 42.4 million cyberattacks, reflecting a 30% increase compared to the previous period, according to Kaspersky. Human error remains the primary cause of cyberattacks, contributing to 43% of the incidents reported in the country.

Sectors such as government, manufacturing, retail, healthcare, and education were the most targeted due to their sensitive data, making them prime targets for cybercriminals. "Attackers aim to breach systems in order to steal valuable information or disrupt operations," explained Claudio Martinelli, General Director of the Americas, Kaspersky.

One of the most prevalent techniques identified was phishing, which remains widespread in Mexico due to its simplicity and effectiveness. Phishing involves fraudulent messages designed to deceive users into revealing sensitive information, such as login credentials. Over 81.8 million phishing attempts were reported, with an average of 224,000 blocks daily.

Ransomware also emerged as a significant threat, with over 158,000 recorded attacks in the past year, averaging 433 incidents daily. This type of malware encrypts a victim's data and demands a ransom for its release. Kaspersky also highlighted the increasing danger posed by banking trojans, malicious software designed to steal online banking credentials and facilitate financial fraud. Over 85,000 attempts were recorded, with an average of 235 attacks per day.

The study further revealed that nearly half of Mexican companies have encountered at least one cybersecurity incident in recent years, with 63% of these incidents categorized as severe. The consequences of these attacks include financial losses, reputational damage, and operational disruptions, underscoring the critical need for robust security measures.

Kaspersky advises companies to invest in advanced technological infrastructure while also fostering a corporate culture that views cybersecurity as a strategic priority. This approach should involve implementing policies, conducting regular audits, and providing continuous employee training to strengthen defense systems and reduce threats.