Over the past five years cybercriminals have been found Efficient, fast and low costs to get a large amount of money attacked by the financial sector in Latin America, including Mexicoeven when it comes to committing serious attacks that require a lot of time.
"It was a new target for attackers to see that fraudulent transactions from web-based vulnerabilities in payment systems in Latin America and Mexico were really easy," said Miguel Angel Mendoza, an ESET researcher in Latin America Laboratory, El Financiero.
Eight years later, cybercriminals suffer from a vector attack vulnerabilities have been namedthey were able to utilize failures in the financial sector, such as registered violations related to the Interbank Electronic Payment System in Mexico (SPEI), which were developed by groups of vulnerable groups (described in APT, Spanish for reduction). English)
El Financiero would have robbed about 400 million pesos during the attacks announced on 14 May, with 150 million pesos in which Bourne was the most affected bank.
"We've already seen how vulnerabilities are targeted and aimed at generating money. This is done by phishing campaigns or DoS (with other types of attacks), as the result is slow and low, they will get higher rates faster, "he explained to the specialist.
In 2018, 92% of banking institutions in Latin America have been subjected to cyber-attacks, According to the Organization of American States (OAS). Mexico, Uruguay, Chile and Ecuador are among the countries most affected before such violations. The total amount of expenses in the region is unknown.
In Mexico, SPEI has not broken down directly, but cyber attackers have broken down the web-based infrastructure of banks.
"It does not always mean that this will happen, and later they will be able to do it. The researcher explained that up to now, it has been discovered how the operations are carried out by the same process, by attacking the technological infrastructure or delivery chain of supply chain.
According to the ESET study, this is unrealistic The vulnerabilities were one of the main accessible doors For cybercriminals they know The risk of being detained in the region is very low.
According to CVE Details, in 2017, 14.7 thousand vulnerabilities were registered, which is the highest historical value in the region and 2016.
Manually work with this report attacks on banking infrastructure appear as a growth trend with complicated action modesAccording to the World Economic Forum.
Why? Basically, Mexico and other parts of Latin America are not protected against laws and cyber security in various digital sectors.
Therefore, digital control in the region offers the following:
Effective legislative base for deposit closureand in turn, banks are protected Significant budgets for cyber security, physical security, operations and trust management.
Mendele says: "In fact, in cyber infrastructure, processes and operations, standardization is required to provide a high level of security through the Cyber-Security Center.
Registration of these events in Europe was low since the implementation of the General Data Protection Act (GDPR).
"When the law came out, it was forced to create all the tools and to change the privacy notices, which included the safeguards. In Mexico, there is a need for GDPR, so every bank knows how to respond. «
The awesome cybercards were typical and already available one of three major risks for the global economy, so they should be a major part of the agenda of governments and banking institutions.