After an attempt to cyber attack on 3 Mexican banks, the banks operate the SPEI (Interbank Electronic Payment System) with the contingency program, which slows down the transactions.
The three financial institutions maintain their operations “under the contingency scheme, which could affect their service” from Friday, April 27, reported the Bank of Mexico. The contingency schemes were activated in the presence of “incidents” that affected their electronic transfer service, said information security analysts.
This “attempt” of cyber attack affected the process of connection with the SPEI, which caused several banks to operate under a “contingency” program, which generates a delay in electronic transfers.
Professionals of information security and private solutions explained that these incidents could be cyber attacks aimed at the operating system of the local network of the affected banks. Until last Friday, there were “no indications of impairment of client resources in any of the institutions participating in the system,” the central bank said in a statement. These problems of “cybersecurity” have been recorded for a couple of weeks and reached a critical point.
The researchers said that the closing of operations in the stock market was also affected, since some investor positions were not covered, risk that the involved banks will have to assume if it is confirmed that they did not reach to be processed.
Due to this, the Indeval (it is a private institution that has authorization according to the Law, to operate as a Central Securities Depository), which operates in the financial system with the services of guardianship, custody, administration, compensation and liquidation of securities. , is also analyzing this affectation, which would be secondary and would not have any direct problem in the investors, since the banks would have to liquidate the positions that were not processed by this problem.
These “incidences” generated economic losses in some institutions, but an impact on users was ruled out and it was also ruled out that it was a systemic risk, since the Bank of Mexico systems were not affected.
Information security experts reviewed the websites of deep web, black market and communications between several groups of hackers, according to this analysis it may be that Banxico and Bancomext detected traces of a backdoor in their systems. This means that a malicious actor was monitoring the activities of Mexican financial institutions, to take advantage of the right moment
For its part, the Bank of Mexico stated that the SPEI infrastructure was not affected and there were no signs of affecting the resources of the clients of any of the participating institutions in the aforementioned system. However, due to the connection with the SPEI under contingency schemes, customers may experience slowness, both in the remittances and in the receipt of resources, from other financial institutions, possibly a few hours, and delays in consulting electronic payment certificates.
If an operation was not carried out due to the incident with the SPEI and it was destined to pay a credit, the bank will not be able to charge any surcharge or collection charge, said Mario Di Costanzo, president of the National Commission for the Protection and Defense of the Users of Financial Services (Condusef).
Since October, in a report, Banxico asserted that the interconnection of the global financial system demands the reinforcement of mechanisms to share information, identify threats and resolve crises. And he cites as “a threat the risks of cyber attacks against the institutions and organizations that constitute the infrastructure of the financial system.”
According to information security analysts, on January 10 of this year, Bancomext had suspended operations, assuming emergency protocols to contain a hacking attempt. Reported that, despite its robust security measures, “on January 9 was the victim of an impairment in its international payment platform caused by a third party.”
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.