Mexico Records Over 290,000 Cyberattacks per Day: Kaspersky

Mexico registered 108 million cyberattacks in the past twelve months, an average of 297,000 incidents per day, according to Kaspersky. The corporation identifies the country as a focal point of malicious activity in the region, with government and industrial sectors experiencing the highest impact.

Kaspersky attributes the trend to continuous activity directed at critical infrastructure and public services. “It is crucial that organizations reinforce their defenses, and that users remain alert,” says Fabio Assolini, Director of the Global Research and Analysis Team in Latin America, Kaspersky.

Kaspersky’s findings position Mexico among the countries with the highest concentration of cyberattacks in the region. The company reports that the government sector accounts for 41.88% of all incidents detected in Latin America, which makes it the most affected. Industrial operations follow with 19.30%, reflecting exposure linked to operational technologies, interconnected assets, and software dependencies.

The company identifies two predominant vectors: trojans and adware. Trojans impersonate legitimate software to obtain credentials and extract personal or financial information. These programs often spread through email attachments, compromised sites, or unauthorized downloads, and may allow further movement within corporate networks once executed.

Adware triggers intrusive advertising to drive user interaction. When users engage with this content, they may grant access to personal information or enable the installation of additional malware capable of executing more advanced fraud schemes. These vectors rely on user interaction and limited endpoint protections, which increase risks for organizations operating environments with high volumes of digital activity.

The concentration of cyberattacks in government and industrial sectors indicates broader exposure for organizations that manage sensitive or critical data flows. Public institutions process essential records, while industrial operators rely on supervisory control and data acquisition systems that are frequently targeted for disruption, espionage, or data extraction.

Kaspersky recommends three core practices for users and organizations: verify the authenticity of senders before interacting with files or links, maintain updated operating systems to reduce vulnerabilities that attackers frequently exploit, and avoid using identical passwords across multiple systems. 

Given the sustained level of activity, organizations in Mexico may benefit from evaluating their cybersecurity posture through continuous monitoring, training programs, segmentation of critical systems, and the adoption of zero-trust models. For sectors with regulatory obligations, such as government, manufacturing, and energy, strengthening incident response capabilities remains relevant to maintain operational continuity.