The cyber-attack against the Ministry of Economy (SE) last Sunday night that affected at least 60 servers did not compromise sensitive information, the ministry has said.
“The ministry’s sensitive information as well as that of its users is not considered compromised. Following an extensive revision, the ministry’s affected servers, mostly email and archive servers, have been identified,” the SE stated in a press release.
The cyber-attack, however, did stop some of the agency’s operations. The Official Gazette published a government agreement to suspend procedures and operations of the National Commission for Regulatory Improvement (CONAMER). Also, requests by companies that belong to the Manufacturing and Export Service Industry (IMMEX) program will be slowed down.
This was the second high-profile cyber-attack on the President Andrés Manuel López Obrador administration after hackers demanded US$5 million (MX$95.4 million) in bitcoin from PEMEX last November. The hack forced the shutdown of the NOC’s computers.
According to Reforma, hackers demanded US$38 million (MX$725 million) in bitcoin after Sunday’s strike. The unknown hackers reportedly threatened the agency with continuing the attack and demanding the ransom be doubled if it wasn’t paid within two weeks. No ransom was paid and the full operation of all services will resume by Friday, according to official reports.
Threat to taxpayers
Fear of fines for not updating the tax inbox (buzón tributario) can open the doors for hackers, if the necessary precautions are not undertaken, according to experts.
The 2020 fiscal reform states that if taxpayers do not enable or update their tax inbox, they can be fined for up to MX$9,250 (US$484). Before the fine is effective, the Tax Administration Service (SAT) sends notices to taxpayers. But some of these emails are fake, Roberto Colín, member of the Fiscal Commission of the Association of Public Accountants of Mexico (CCPM) warned, explaining that those mails can have hidden files that are able to steal information. Colín said taxpayers must double check any mail before opening it. To check fake mails used by hackers, SE created a web page.