Mexican Bank Hack Led To A Cash Flight

Uploaded on 2018-05-30 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Several Mexican banks experienced large cash withdrawals in recent weeks after possible cyber attackers infiltrated some financial institutions, triggering unauthorised money transfers, the central bank said in an interview.

Banco de Mexico has zeroed in on five financial institutions whose external connection to the central bank’s electronic payment system was compromised, Lorenza Martinez, the central bank’s head of operations said. The vulnerability let money be illegally siphoned from “fake accounts” at those firms and led to several large cash withdrawals from other banks, she said.

The five banks and brokers are working with Mexico’s attorney general to determine whether organised criminals helped orchestrate a possible attack, but Banxico is not involved in those investigations, Martinez said. 

She declined to name the affected companies and said it’s too early to tell how many actors are behind the incidents. A representative for the attorney general didn’t immediately comment to a request made outside of normal business hours.
Recently the monetary authority asked some lenders to connect to its payment transfer network using a back-up scheme after a suspected cyber-attack disrupted some transfers. The measures have caused slowness in transfers for many consumers.

Now, more than 20 Mexican financial institutions have enacted back-up plans.

Clients at Citibanamex have reported that the lender’s ATM networks, credit and debit cards payments and online banking services are down, El Financiero reported Sunday. Citibanamex said in a statement to El Financiero that it’s working to restore services.

Grupo Financiero Banorte, Banco del Bajio SA and Banco del Ejercito were banks that had been directly targeted in the suspected cyber-attack. 

The payment system, known as the SPEI, was established in 2004 and lets users electronically transfer money between deposit accounts through a private, encrypted network operated by Mexico’s central bank.

While vulnerabilities were discovered at the end of April 2018, at least one bank experienced an incident as recently as early May, Martinez said. Some of the cash was withdrawn from accounts that had just recently been opened, she said.

The central bank is also probing whether the affected banks and brokerages were complying with security regulations and will ask banks to undergo more frequent stress tests in the future to ensure they can more quickly connect to the SPEI through its back-up network the next time there’s an attack.

Information-Management:

You Might Also Read:

Russian Hackers Steal $10M From Banks:

SWIFT Says Bank Cyber Attacks Are Here to Stay:

 

« Is The US Heading Toward A Cashless Economy Via Blockchain?
A Cyber Attack Could Cripple The UK »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Pondurance

Pondurance

Pondurance is an IT Security and Compliance company providing services in Cyber Security, Continuity, Compliance and Threat Management.

Hague Security Delta (HSD)

Hague Security Delta (HSD)

The Hague Security Delta Campus is home of the leading cyber security cluster in Europe with an Innovation Centre, labs and training facilities.

Securepoint

Securepoint

Securepoint is the market leader in the development of professional “Unified Threat Management” solutions in Germany.

SenseOn

SenseOn

SenseOn’s multiple threat-detection senses work together to detect malicious activity across an organisation’s entire digital estate, covering the gaps that single point solutions create.

Sopher Networks

Sopher Networks

Sopher is a secure communication and collaboration platform for business and personal use.

AVORD

AVORD

AVORD is a cloud-based security testing platform that allows clients to manage security testing requirements in a far more productive and efficient way.

Kymatio

Kymatio

Kymatio are pioneers in Artificial Intelligence applied to adaptive staff strengthening, cultural change and predictive internal risk analysis.

Outsource UK

Outsource UK

Outsource UK is an independent recruitment company supplying highly-skilled technology, change and engineering talent to clients within a range of specialist sectors including Cyber Security.

VS Security Products

VS Security Products

VS Security Products design, manufacture and sell the most extensive range of degaussers and data destroyers on the market, suitable for all types of magnetic media.

Augusta HiTech

Augusta HiTech

Augusta Hitech is a focused product development, software services and technology consulting company. Our Vision is to become the most socially impactful and innovative technology company in the world

Crypsis

Crypsis

Crypsis was built based on a shared vision of creating a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services.

Focal Point

Focal Point

We aspire to be the focal point for Medium and Small size companies providing 24/7 cyber security advice, services and solutions.

FPT Software

FPT Software

As a leading technology service provider, FPT assists customers of all sizes and from any industries in implementing and adapting digital technologies including cybersecurity.

Protexxa

Protexxa

Protexxa is a B2B SaaS cybersecurity platform that leverages Artificial Intelligence to rapidly identify, evaluate, predict, and resolve cyber issues for employees.

S2W

S2W

S2W is a data intelligence company specialized in cyber threat intelligence, brand/digital abuse, and blockchain.

CoinCover

CoinCover

Blockchain technology is changing everything. However, it brings its own set of unique risks. Coincover ensures everyone is protected, enabling them to innovate freely, without constraints.