What can a government fear if it receives an effective cyber-attack? That is surely the first question that the government official asks. The answers: From personal data of your employees and citizens to confidential information such as future tenders and upcoming projects, which can affect your planning and even your operation. Discover why governments around the world face a major cybersecurity challenge by 2023.
In 2021, 156 billion cyberattack attempts were received in Mexico alone, 200% higher than in 2020. Compared to the records of all of Latin America (289 billion attempts), Mexico occupies the number one spot. Disturbing? For sure, yes.
But is there a law that supports digital data protection? In 1999, the Federal Penal Code was reformed, adding the chapter: Illicit Access to Computer Systems and Equipment, reaching 2020 when the General Cybersecurity Law was issued and which, today in 2022, is being subject to observations to propose reforms and prepare the government for a greater increase in cyberattacks in the coming years.
This is not surprising, other governments such as Ireland, Spain, and Costa Rica (to mention a few) are already betting on the cybersecurity of their governments. In the case of Ireland, the Irish Government asked its officials to avoid talking about work issues near smart devices such as Alexa or Google Home to avoid leaks. Both companies responded and defended themselves, clarifying that their devices only detect voice commands. However, it is well known that a hack has no limits.
Would you put the negotiation of a trade agreement at risk? Or any political situation in your government?
Governments like Costa Rica are signing alliances with leading software firms to strengthen cybersecurity in the public and private sectors. Their government has also decided to allocate more economic resources to digital security, actions that, even in 2022, most governments are not taking.
Malware attack on Pemex and the Mexican Government
At the end of 2019, Petróleos Mexicanos suffered a ransomware attack, a malware variant. The activities of this attack are espionage, information theft, use of host computer resources, and monitoring of user activity. Its main objective is the theft of information.
The attack on PEMEX meant that employees could not place orders, every storage and distribution terminal was frozen, and they were left without access to the logistics computer system.
What was the Mexican Government's loss? Theft of information and exposure of confidential data directly impacted the company and the federal government, causing insecurity among citizens towards the public administration.
The hackers demanded $5 million in bitcoins so as not to leak the information. The Mexican Government refused to pay the amount, and as a result, in February 2020, the hackers made public about 6GB of confidential information.
This attack leaves us with a very important lesson: A cybersecurity strategy must focus on prevention, not detection, which is how most governments and companies do it today: waiting to be attacked and then solving it.
Find out how to prevent cloud security risks.
We offer this type of solution at Madata. We focus on prevention, and our risk detection protocols help us quickly detect threats and minimize possible damage.
We create personalized security strategies based on international standards (ISO270001, 22301, 20000 +).
Receive a free consultation, and let's start developing your company's cybersecurity strategy together. To be assisted by a specialist, write to us at contacto@madata.com
