Luis Pablo Segundo / Reform Agency
Friday, May 05, 2023 | 17:09
Mexico City.- So far this year, databases of millions of Mexicans continue to be sold illegally in clandestine Internet forums, which represented a growth of 144 percent compared to 2022, revealed the cybersecurity company Cryble Research and Intelligence Labs ( CRIL).
According to the “Report on Cyber Threats Mexico”, in the last year various internet forums were detected that offered information from entities such as the National Electoral Institute (INE), the Ministry of the Interior (Segob), as well as companies in the sector private.
Juan Carlos Cortés, Advisory and Presale director for ETEK International, explained that in the indicated period the exposure of private information rose due to the few security tools that exist in the market, while for the Government the little interest that exists regarding the issue.
“This is growing exponentially, our reports show that the availability of data grew 144 percent compared to 2022,” said the manager in an interview for REFORMA.
ETEK International and CRIL detected that data from forums is then used as initial vectors to perpetrate large-scale cyberattacks in the Country.
In clandestine forums to buy and sell unauthorized access and data, so-called Threat Agents (TAs) are operating, taking advantage of the anonymity of these groups that operate on the network, the report said.
Among the most illegally sold data, he highlighted a database of 90 million 939 thousand private data records that includes date of birth, and Unique Population Registry Code (CURP) in addition to identification, full names and surnames, address and private data .
Another criminal group was offering stolen databases to Grupo Financiero Banorte, exposing more than 10 million accounts to the black market, including full names, addresses, phone numbers, RFCs, emails, and bank account balances.
Data theft, which used to occur mainly in the financial sector, today is carried out in all types of companies such as health, telecommunications and all types of government organizations.
He explained that the data is often used to demand economic ransoms, which is commonly known as ransomware attacks.
That is to say, first the information is stolen from the servers, data that is sold on the network through the Dark Web or Deep Web, or simply an economic ransom is requested to be able to return the information.
