Mexican Bank Hack Led To A Cash Flight

Uploaded on 2018-05-30 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Several Mexican banks experienced large cash withdrawals in recent weeks after possible cyber attackers infiltrated some financial institutions, triggering unauthorised money transfers, the central bank said in an interview.

Banco de Mexico has zeroed in on five financial institutions whose external connection to the central bank’s electronic payment system was compromised, Lorenza Martinez, the central bank’s head of operations said. The vulnerability let money be illegally siphoned from “fake accounts” at those firms and led to several large cash withdrawals from other banks, she said.

The five banks and brokers are working with Mexico’s attorney general to determine whether organised criminals helped orchestrate a possible attack, but Banxico is not involved in those investigations, Martinez said. 

She declined to name the affected companies and said it’s too early to tell how many actors are behind the incidents. A representative for the attorney general didn’t immediately comment to a request made outside of normal business hours.
Recently the monetary authority asked some lenders to connect to its payment transfer network using a back-up scheme after a suspected cyber-attack disrupted some transfers. The measures have caused slowness in transfers for many consumers.

Now, more than 20 Mexican financial institutions have enacted back-up plans.

Clients at Citibanamex have reported that the lender’s ATM networks, credit and debit cards payments and online banking services are down, El Financiero reported Sunday. Citibanamex said in a statement to El Financiero that it’s working to restore services.

Grupo Financiero Banorte, Banco del Bajio SA and Banco del Ejercito were banks that had been directly targeted in the suspected cyber-attack. 

The payment system, known as the SPEI, was established in 2004 and lets users electronically transfer money between deposit accounts through a private, encrypted network operated by Mexico’s central bank.

While vulnerabilities were discovered at the end of April 2018, at least one bank experienced an incident as recently as early May, Martinez said. Some of the cash was withdrawn from accounts that had just recently been opened, she said.

The central bank is also probing whether the affected banks and brokerages were complying with security regulations and will ask banks to undergo more frequent stress tests in the future to ensure they can more quickly connect to the SPEI through its back-up network the next time there’s an attack.

Information-Management:

You Might Also Read:

Russian Hackers Steal $10M From Banks:

SWIFT Says Bank Cyber Attacks Are Here to Stay:

 

« Is The US Heading Toward A Cashless Economy Via Blockchain?
A Cyber Attack Could Cripple The UK »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Nixu

Nixu

Nixu is the largest Nordic specialist company in information security consulting.

NetFort

NetFort

NetFort provides software products to monitor activity on virtual and physical networks.

i-Sprint Innovations

i-Sprint Innovations

i-Sprint is a leader in Securing Identity and Transactions in the Cyber World for industries that are security sensitive.

XLAB

XLAB

XLAB is an R&D company with a strong research background in the fields of distributed systems, cloud computing, security and dependability of systems.

Hysolate

Hysolate

Hysolate has transformed the endpoint, making it the secure and productive environment it was meant to be.

iFluids Engineering

iFluids Engineering

iFluids Engineering is a leading engineering consulting and risk management firm providing a full range of services including Cyber Security for Industrial Control Systems.

Pluribus One

Pluribus One

Pluribus One develops customized solutions and other data-driven applications to secure your business and your devices.

Sadoff E-Recycling & Data Destruction

Sadoff E-Recycling & Data Destruction

Sadoff E-Recycling and Data Destruction protect the environment and your data with proven and trusted electronics recycling and data destruction services.

Cybersec Infohub

Cybersec Infohub

Cybersec Infohub is a Hong Kong government programme to enhance the exchange of cyber security information with industry and enterprises to jointly defend against cyber attacks.

AUTOCRYPT

AUTOCRYPT

AUTOCRYPT is a mobility security provider dedicated to the safety of future transportation

Sprint Networks

Sprint Networks

Sprint Networks is a trusted compliance and risk program advisor which deliver cost-effective technology to reduce enterprise-wide risk.

Crosspoint Capital Partners

Crosspoint Capital Partners

Crosspoint Capital Partners is a private equity investment firm focused on the cybersecurity and privacy sectors.

LiveAction

LiveAction

LiveAction provides end-to-end visibility of network and application performance from a single pane of glass.

RankedRight

RankedRight

RankedRight empowers security teams to take immediate action on their most critical risks.

SecureChain AI

SecureChain AI

SecureChain are combining blockchain and AI technology to create a smarter blockchain platform especially in terms of security.

xdr.global

xdr.global

Xdr.global is a cybersecurity consulting firm, focused on promoting and aligning Extended Detection and Response (XDR) security solutions.

Security Discovery

Security Discovery

Stay ahead of cyber threats with Security Discovery. We offer expert consulting, comprehensive services, and a powerful vulnerability monitoring SaaS platform.