Cyberattacks against Mexican banks are on the rise

In one year, cyberattacks against finance institutions went from one to four per trimester, which represented affectations for MXN $784.7 million , as revealed by the Report of Finance Stability of Mexico’s Central Bank (Banxico) to December 2019.

In addition, there was a diversification regarding the affected services, “from electronic transfers to ATMs ” acknowledges Banxico .

The attack means were varied, including software violation , fraudulent operations executed by third persons working inside an institution, password stealing , abuse of deficiencies in the validation of balances , and the violation of telecoms equipment , among others.

The attacks focused on violating systems connected to banks that were not developed by the institutions but by a third party, such as mobile banking channels and those provided by correspondents or FinTech companies associated with banks.

Did you know

?

The document recognizes that cybercriminals show a wide knowledge of protocols and interconnection systems to have access to accounts and banks’ transfer services.

For hackers and cybercriminals , attacking a bank represents a return of investments, said Eloy Ávila , America’s director of Technology at Darktrace.

“Unfortunately, threats against banking institutions will never fully disappear; there must be efficient controls to discourage these attacks from a criminal’s point of view, but each institution needs a comprehensive security strategy that evolves with the modern company and the changing attack codes,” he stressed.

Hackers

look for opportunities and want to maximize their profit or the impact with minimum work, said Ávila .

“When nearly MXN $300 million were stolen from Mexican banks, they became a more attractive target for hackers; SPEI’s widely-known weaknesses probably attracted more cybernetic actors to the field.”

Have you heard

?

Criminal rise

Roberto Martínez

, a senior analyst of Security at Kaspersky , explained that there is a rise of local , regional , and global cybercrime groups since there are legal loopholes, the cost-benefit of these activities can be higher than the risk they face.

To fight these attacks, Martínez suggested that the first step for institutions consists of directing their efforts in a more strategic way, using intelligence information that allows them to know their enemies, as well as the techniques , tools , and procedures they use in their attacks.

“This will give them a better position for the early detection [of the attacks] and to respond adequately to a security breach ,” he said.

Miguel Ángel

Mendoza, a specialist of IT security at ESET Latinoamérica , added that another inconvenience lies in regulations not being totally fulfilled; although they are mandatory, some guidelines are presented as optional and, therefore, they are not followed.

Did you know

?

An enemy within

Of the MXN $784.7 million affectations registered during 2019 , the incident that represented a bigger hit to Mexican banks was that of a fraud committed by third-parties personnel working in a banking institution.

The act consisted of the injection of apocryphal operations of interest deposits to check accounts through a document for batchloading projects from a developing environment. This action was repeated for three days.

The affectation caused to this investment banking institution was for MXN $462 million .

“Employees have the keys of the kingdom and the intimate knowledge of internal processes , in addition to the location of data,” said Ávila.

Hence, security solutions must consider what enters and what leaves the company as well as what happens inside it.

The Darktrace directive said that in order to detect an internal threat , financial institutions must look for cybernetic security tools that can learn behavior patterns of employees and third-parties personnel.

For his part, Mendoza warned that banks that hire third persons must consider sanctions in their policies in the case of non-compliance to the rules.

“The implementation of technical controls that allow the identification of anomalies is another necessary practice to keep evidence and track fraudulent activities.”

Did you know

?

mp