In July 2023, cybercriminals broke into the computer systems of Mexico’s largest cooperative, Caja Popular Mexicana. Within minutes, the cooperative’s app was dead, ATMs were offline, and it took nearly a year to fully restore services.
With Mexico emerging as a prime target for cybercriminals, analysts are wondering who could be the next victim.
In the first half of 2024, Mexico faced a staggering 31 billion cyberattacks, accounting for a massive 55% of all Latin American attacks, according to Fortinet, a Sunnyvale, Calif-based cybersecurity firm.
The study underlines that hackers are increasingly targeting American firms operating in Mexico. The heavy flow of trade and data between the two nations creates a vast attack surface, allowing hackers to target a broader range of businesses and inflict significant damage on both sides of the border.
Sectors like logistics, automotive, electronics, and manufacturing are especially vulnerable because they cannot afford prolonged downtimes, making them more likely to pay ransoms.
“The manufacturing sector is a prime target. Cybercriminals can take their operations offline, disrupting sales and distribution in the United States,” said Christopher Todd Doss, Senior Managing Director at Guidepost Solutions, a New York City-based consultancy specializing in cybersecurity related investigations and risk monitoring.
“Companies also face increased risks of ransomware and extortion attacks, which can lead to operational disruptions, financial losses, and reputational damage,” warned Michael McLaughlin, co-leader of the Cybersecurity & Data Privacy practice group at Buchanan, Ingersoll and Rooney. McLaughlin noted that many attacks are backed by state actors, such as China.
“Chinese actors pose significant risks of data breaches and intellectual property theft, affecting the competitiveness and innovation of both Mexican and U.S. businesses,” said McLaughlin, who also co-authored a book about how China and Russia are undermining U.S. national security.
A joint study by Google and Mandiant also confirms that China, Russia, and North Korea are involved in these cyber activities. It found that Chinese espionage groups often target Mexican government agencies, while North Korean hackers focus on cryptocurrency firms for quick profits.
“This could lead to higher compliance costs,” says McLaughlin. “U.S. companies operating in Mexico may face the challenge of navigating differing regulatory environments, adding to the complexity and cost of compliance.”
How to Address the Issue?
“It’s time for the U.S. and Mexico to understand each other and work together,” emphasized Doss, who previously served as Assistant Director of the FBI. He added that sharing information and lessons learned over the years could help prevent future cyberattacks.
Doss also suggests that companies should leverage AI technology. “To protect your networks, you need to monitor in all directions. This is challenging for an organization, as it may struggle to prioritize alerts. AI could greatly ease this burden.”
“Engaging with other nations could also be helpful in addressing the root causes of cyber espionage,” McLaughlin added.
Mexico’s Response
Despite nearly $1.6 trillion in trade with the U.S., Mexico still lacks a strong national cybersecurity system and has not enacted a comprehensive, national cybersecurity law. Existing rules are scattered across various sectors, such as finance, telecommunications, labor, consumer protection, and intellectual property.
A major issue resulting from this is a severe shortage of cybersecurity professionals. According to Fortinet, there is approximately 500,000 vacancies in Mexico. This lack of skilled workers leaves many businesses unable to defend against advanced, AI-driven cyberattacks, increasing their vulnerability.
“Given the global nature of these threats, international collaboration is imperative,” says McLaughlin.
“Addressing the shortage of cybersecurity professionals, particularly in AI, is critical. Both countries should invest in educational programs to develop a skilled workforce capable of tackling advanced cyber threats.”
The U.S.-Mexico-Canada Agreement (USMCA), which replaced NAFTA, supports the free flow of data across borders, including personal data, but underscores the need for stronger cybersecurity measures.
President Claudia Sheinbaum has pledged to establish a center focused on cybersecurity and AI, though there is no timeline for its completion.
Recent years have witnessed a surge in cyberattacks targeting Mexican government agencies. A high-profile breach in September 2022 exposed sensitive data, including military secrets, presidential health records, and diplomatic communications.
Other targets included oil giant Pemex, the National Lottery, and the National Transparency Platform.
Add comment