Mexico’s economy ministry detected a cyber-attack on February 23, 2020. The servers that were targeted in the attack did not contain any sensitive information. After the attack was discovered, security measures were increased to prevent future attacks. It was not disclosed if the attack was accompanied by a ransom demand, but the attack was not successful. Mexico had asked providers to isolate their networks following the identification of the attack as a separate security measure. If this attack was an attempt at ransom, it would be the second time in six months that an entity in Mexico was targeted with ransomware, the first being an attack in November 2019 on Pemex. Countries like Mexico and many in South America are not up-to-date with technology, lack proper security configurations or use outdated software, making them the perfect target for cybercriminals looking to make money. Luckily, the server’s attacks, in this case, did not have any sensitive information on them, but if they did, an attack like this could be catastrophic to entities when a ransom is demanded.
Analyst Notes
As with all attacks that involve a ransom, companies should continue to back up their system in multiple places at multiple locations so if an attack does compromise a system, the victim will not need to pay a ransom because they kept proper backups. Proper monitoring of endpoints would also allow defenders to quickly identify these attacks before they spread across an entire network, preventing the amount of damage that can be done from the malware. Information about this attack can be read here: https://www.reuters.com/article/us-mexico-economy-cyberattack/mexicos-economy-ministry-hit-by-cyber-attack-idUSKCN20J0BI?&web_view=true
