Mexican Financial Services Sector Is Top Cyber Attack Target
Home > Professional Services > Expert Contributor

Mexican Financial Services Sector Is Top Cyber Attack Target

Photo by:   Claudio Baumann
Share it!
By Claudio Baumann - Akamai
Director, Latin America


With the finance industry moving huge amounts of money and information, it is not surprising that this industry is a favorite target for cybercriminals. According to the State of the Internet of Finance' study by Akamai Technologies, a cloud and cybersecurity company, between 2021 and 2022, cyberattacks related to financial services in Latin America increased by 419 percent, surpassing 20 million in that year.


Confidential customer and transaction data that financial organizations hold can be turned into valuable merchandise in the hands of hackers. In addition, the interruption or malfunction of financial services has serious implications for markets. According to IBM's Cost of a Data Breach 2022 report, data breaches against financial services have an average cost of US$4.82 million.

The exponential growth of attacks on financial services in Latin America has caught the attention of specialists. The significant digitization of banking services in recent years and the increase in sophistication and intensity, both in quantity and volume, of cybercrime, may be two of the factors contributing to the growth of these illegal activities in the region. Cybercrime costs Latin America US$90 billion a year.

Financial Services Sector in Mexico

Mexico’s financial services sector has been experiencing  a relevant transformations with the emergence of new institutions, products and solutions. At the same time, service consumer data is increasingly targeted by cybercriminals. This implies the need to implement adequate security mechanisms, with a focus on protecting information and the reputation of financial entities.

A banking survey carried out in Mexico by Akamai, The experience of customers of the main Mexican banks in 2022, showed that about 54 percent of respondents cite the need for security in the institutions where they have an account. However, 35 percent of respondents claim to have had a security problem, either through an app (19 percent) or through the internet (16 percent). Taking this into account, financial institutions are increasingly directing efforts to disseminate good security practices to their customers, while developing policies and implementing cybersecurity mechanisms.

Security is a fundamental attribute in the financial services sector, something that institutions can and must offer as an integral part of their offerings and in the most transparent way for all customers, whether companies or individuals. In this way, the trust of customers in the institution increases, which is reflected in the perception of quality associated with the brand and in the attraction of new customers, generating a positive cycle. As a vital sector, financial services need to be up and running without disruption. 

To fully understand the various risks that financial services face, we must look at the threat landscape as a whole. To do so, we turn to a multitude of data on various activities,  bot trends (both malicious and benign), exploitation attempts against critical vulnerabilities, web apps and Application Program Interface (API) attacks, and phishing campaigns, that allow us to show the broad picture of the most common threats.

Common Attacks 

Based on the enormous volume of transactions that take place supported by its services, Akamai classified some of the most common types of attacks in the financial industry:

  1. Web Application (WAF) and API Attacks

Attacks on web applications and APIs can target organizations from different sectors, including the financial sector. APIs allow, for example, integration between a social network and another site, allowing the use of a social network login as a registration in other applications, sites or systems. Thus, it is not necessary for the user to perform a different registration every time he accesses a new app or website. These interfaces can fall prey to vulnerabilities, authentication issues, bots, and denial of service.

Web applications, on the other hand, are executed by customers on an institution's website over the internet, using a browser. A cyberattack can subject web applications to exposure and theft of user registration data and interruption in financial institution services.

Analyzing the study on web application and API threats, it is possible to notice that the financial services sector was one of the most affected by this type of attack, suffering almost 4 million threats until the end of the analyzed period.

  1. Cryptojacking

Cryptojacking is the act of “hijacking” a computer, mobile device or network servers and using the machines’ resources to “mine” various forms of digital currency (known as cryptocurrencies) without the users’ knowledge. This scam comes via a malware infection and is a rising cyber threat. Like most cyberattacks that target financial institutions, the hackers' motivation is profit.

Unlike other threats, cryptojacking malware is designed to remain completely hidden on the user's machine, which can cause slowdowns and crashes due to overloading computing resources. According to a report by SonicWall, the number of cases of cryptojacking in the financial sector grew by 269 percent in the first half of 2022.

  1. Trojan

The trojan, or Trojan horse, as it is popularly known, is one of the most common malicious programs in the daily life of the financial sector. It accesses users' devices by disguising itself as any apparently legitimate program. In that way, it opens a “door” to an invasion. Given the popularization of online banks, banking trojans are among those that claim the most victims, since, in possession of access credentials to bank accounts, attackers have quick access to money.

  1. Ransomware

The purpose of a ransomware attack is to “hijack” victims' information, which may prevent financial institutions from gaining access to their systems. With access blocked, hackers begin to extort the company and demand a financial ransom to grant access. The encryption of important data takes place through the deployment of malware. In some cases, criminals disclose pieces of information as a threat, to pressure companies to pay the ransom.

A study by Akamai on Ransomware threats released in the first half of this year showed that, between May 2021 and April 2022, the Latin American region was third for most-attacked regions. The impacts of these attacks may vary from sector to sector and even among enterprises of the same industries, but their effects may be catastrophic, not only financially, It is crucial to be prepared for and prevent ransomware, as it is usually much more complicated and expensive to deal with it after the data or the infrastructure is compromised.

About Akamai

Akamai empowers and protects life online. The world's most innovative companies choose Akamai to protect and deliver their digital experiences, helping billions of people live, work and play every day. With the world's largest and most trusted edge platform, Akamai keeps apps, code and experiences closer to users than any other, and threats even further away. Learn more about Akamai's security, content delivery and edge computing products and services at, or follow Akamai Technologies on Twitter and LinkedIn.

Photo by:   Claudio Baumann

You May Like

Most popular