Saturday , July 2 2022

Why are hackers attacking banks in Mexico and the AL? Because it's easy


Cyber ​​criminals have found a way in the last five years Efficient, expedited and cost-effective to achieve massive amounts of money attacking the financial sector in Latin America, including MexicoEven when it comes to carrying out more complex attacks that require more time.

"The payment systems in Latin America and Mexico have become the new target of the attackers to see that it is really easy to make fraudulent transactions in exploiting the vulnerabilities in a web service," said security researcher Miguel Ángel Mendoza. In an interview for El Financiero, the ESET Latin American laboratory.

After eight years of attempts, you'll find & # 39; cyber criminals & # 39; nail attack called security vulnerabilitiesThey managed to exploit the failures of the financial sector carried out by groups with features such as Financial Enhanced System Threats (APT for abbreviations in Spanish), as well as violations in connection with the Interbank Electronic Payment System (SPEI) in Mexico. English).

El Financiero, on May 14, said in an attack on April that Banorte 's 150 million pesos in the amount most affected by the bank would be subjected to more than 400 million pesos robbery.

"We have now seen targets being targeted and focused on attracting money. These are complex methods where they achieve higher figures because they are made with phishing campaigns or denial of service (other types of attacks), because the results are slower and lower," the expert explained. .

2018 & # 39; also 92 percent of banking institutions in Latin America were subjected to cyber attacksAccording to data from the Organization of American States (OAS). Mexico, Uruguay, Chile and Ecuador are among the most affected countries Before such violations. The total number of losses in the area is unknown.

In the case of Mexico, even though SPEI has not been directly violated, cyber attackers have damaged the infrastructure where banks are connected to the web system.

Ler This doesn't mean it's always going to be like this, they'll probably find a way to do it later. The researcher has so far identified shortcomings in how operations are carried out by the same institution, through the technology infrastructure or by attacking the service provider's supply chain.

According to ESET studies, security vulnerabilities have become one of the main access gatesFor cyber criminals who know this The risk of arrest in the region is very low.

Source link