Image credits: Markus Spiske, Unsplash
/
News Article

Banxico Under Cyber Attack

By Andrea Villar | Wed, 07/08/2020 - 11:01

The COVID-19 crisis has increased reliance on digital tools as people need to work and learn from home. Cyber attacks have also increased worldwide during the pandemic, with many under fire including government institutions. This time it was the turn of Mexico's central bank, whose website was subject to a cyber attack yesterday afternoon. Banxico said that the breach was registered at around 1.30 p.m. and said that the institution's permanent monitoring schemes allowed the defense mechanisms to be activated.

On July 6, just a day before, the website of the National Commission for the Protection and Defense of Users of Financial Services (CONDUSEF) reported disconnections. According to analysts, the flaws in the system would be due to hacks by the Anonymous Mexico group, motivated by claims against President Andrés Manuel López Obrador regarding transparency in federal government institutions.

“There is a digitally historic event occurring in the background of this pandemic and that is a cybercrime pandemic,” said in a statement VMWare cybersecurity strategist Tom Kellerman. “It is just easier to hack a remote user than it is to hack someone sitting inside their corporate environment. Virtual private networks (VPNs) are not bulletproof.”

But according to the World Economic Forum (WEF), governments can take three specific actions to prevent cyber attacks.

Establish More and Better National Frameworks

Countries should update or develop national cybersecurity strategies, as well as legal and regulatory frameworks regarding cyberspace with a multi-stakeholder approach. "Governments cannot act alone, and the participation of the technical community and the private sector is essential to building effective resilience capabilities," explains the WEF.

International Cooperation

According to the WEF, fighting cyber attacks requires international cooperation. It is necessary to build trust between governments and the private sector, in all its industries. "Tomorrow, there will be a new virus or a common enemy in cyberspace. Hence, collaboration at the policy, technical and law enforcement levels will be vital to protect us and allow us to work together to find solutions," says the Switzerland-based NGO.

Education

This encompasses everyone, from children to older adults. One of the strategies WEF proposes is to educate all people, of any age and in any industry, about cybersecurity to learn the skills they will need throughout their lives. "Governments and the private sector should join to work towards unified awareness campaigns. No one is immune to a cyber incident or one ‘bad click',"says WEF.

A Growing Problem, Resources Needed

One of the most notorious malware attacks in Mexico happened in November last year. PEMEX, Mexico’s most important parastatal company, suffered from an attack that caused a virus to restrict access to 5 percent of its computers’ information. The attackers demanded a bailout in bitcoin to retrieve the stolen information, according to Milenio. SonicWall firm explained through its Security Center that in the first days of November 2019, it was detected that Mexico ranked second as a target for cybercriminals worldwide, ranking below the US and above the UK.

“Budget is the primary issue when it comes to implementing better cybersecurity at government agencies. While they are aware of the problems and they have capable people, they do not have the budget to invest in a quality and complete system. Cybersecurity is a secondary priority in the budget,” said in an interview with Mexico Business News Adan Samano Director General of Tec Pluss, a company that works with INEGI, the Mexico City International Airport and PEMEX to improve their cybersecurity strategies.

According to the 2020 State of Malware Report by Malwarebytes, cybercriminals have spent the last 10 years transforming malware viruses into a business. The report highlights cyber attacks increased considerably in 2019 as a result of the diversification in the sophistication of hacking, evasion and stealth techniques, which has been specially tailored to attack androids.

Andrea Villar Andrea Villar Journalist and Industry Analyst