The Secretary of Security and Citizen Protection, Rosa Icela Rodriguez, announced that this dependency will create the National Registry of Cyber Incidents (RNIC), which will make it possible to measure the occurrence and impact of crimes on the Internet, and to identify behaviors that potentially affect citizens.
During the twenty-fifth Plenary Assembly of the National Conference of Secretaries of Public Security, the official affirmed that although during the pandemic technology allowed communication between family and friends, it also allows cyber crime such as fraud, extortion, identity theft and cyberbullying.
Rodríguez even considered the Free Fire video game a risk, because it is supposedly used by the organized crime to recruit young people.
He specified that the National Registry of Cyber Incidents It should be extended to all states to create a database with information from the security authorities of the three levels of government and thus keep a detailed list of the cyber incidents reported.
“This registry will operate permanently 365 days a year, 24 hours a day, from a homologated catalog of incidents, which will help them to be captured with the same criteria throughout the national territory ”, he added.
He stated that another utility of the RNIC will be the design of prevention campaigns, and intelligence strategies and actions to combat and contain the cyber crime.
Meanwhile, during the meeting, the official urged the states to reinforce the Approved Model of Digital Driver’s License and to standardize criteria and requirements for issuance, through the use of technology, so that they are valid throughout the national territory.
“In addition, the model, approved this morning, will facilitate the validation of the authenticity of a digital license through the implementation of a QR code and the adoption of a technical sheet with the basic data that this document must contain, making this technological tool valid throughout the country ”, he explained.
Currently only three states have a digital driver’s license: Mexico City, Oaxaca and Nuevo León.
It should be noted that the Office of the Attorney General of the Republic (FGR) has received 36 complaints of cyberattacks or hacks in the last 9 years, of which five occurred in 2021. Between last year and the present, various agencies such as Mexican oil, Secretariat of the Function Public, Ministry of Economy and the National lottery, have been the target of cyber attacks.
The cybersecurity expert, Israel Reyes Gómez, warned that “Mexico is lagging behind” in this matter, so they need to update in the Federal Criminal Code sanctions for individuals who attack government computer systems inside or outside the country with the purpose of stealing or hijacking strategic information.
According to a transparency report from the Office of the Attorney General of the Republic (FGR), with folio 0001700148221, between 2012 and 2013 he received one complaint per year due to system infiltration; in 2014 it received 9 complaints; in 2015 seven; in 2016 four; in 2017 one; in 2018 two; in 2019 one; in 2020 five and the same amount so far in 2021.
Between 2020 and 2021, Petróleos Mexicanos, Ministry of Public Function, Ministry of Economy and the National Lottery, National Council to Prevent Discrimination have suffered violations of their systems, while the SAT, Bank of Mexico have suffered hacking attempts. All these agencies and organizations have ensured that sensitive information was never at risk.
Israel Reyes Gómez, an expert in government projects in cybersecurity specializing in cryptography in the military, banking and government fields, said that there is a “pandemic ”of cyberattacks not only in MexicoBut also in the United States where they have hacked into Georgia’s pipeline systems, a meat plant and a solar panel company.
“But in Mexico We have also seen an exponential growth in those attacks; we saw what happened to Pemex, what happened to Banxico, to the Ministry of Economy, of the Public function, the SAT and Conapred and most recently the National Lottery. These series of attacks are already chronic, increasingly acute and causing more damage.
“The worrying thing about these cyberattacks, is that they do not happen the moment they are made known, usually the cybercriminals They infiltrate systems on average eight months before, a year before, either they insert the malicious code and proceed to espionage, which is the means by which they know which are the important critical systems, which are the ones that they target or focus, the they are going to kidnap to ask for a reward.
“Mexico is vulnerable because it is a strategic country for USA which puts it in the focus of possible attacks on critical infrastructure and also on its electoral systems ”, he warned.
“And they hacked a Facebook and it has a whole cyber security team and they stole 533 million user accounts, they infiltrated the CIA, the Pentagon and the FBI, in what vulnerability can national institutions be? ”he asked.
For this reason, the expert suggested that the Mexican government update the existing punitive legal frameworks in cybersecurity that protect the privacy and protection of data when it is of high value; create a National Agency for Cybersecurity and Protection of Critical Infrastructure and create sovereignty of government information, since the databases are protected on platforms in the United States, Brazil or European countries. He emphasized that this is more necessary as the government seeks to create the National Register of Mobile Telephone Users (Panaut).
“It is necessary to create an infrastructure modernization to reduce vulnerabilities. Also develop Mexican talent, because there are not so many specialists in cybersecurity and data. Also to compensate them technologically, not only to be consumers, but to be technology providers. We do not have information or data sovereignty, because most of the critical information of a country is digitally, and those digital assets are usually not found in Mexico, but on platforms that are in the United States, Brazil or elsewhere. European countries, we have to have information sovereignty ”, he stressed.
Cyberattacks
- On November 10, 2019, hackers attacked the internal network of Petróleos Mexicanos and demanded a payment of 565 bitcoins, or 4.9 million dollars to unlock their systems. The oil company assured that its information was not compromised.
- In February 2020, an attack was raised on the computer systems of the Ministry of Economy, which caused the suspension of the procedures to the public.
- Between May and June 2020, the Ministry of Public Function was the victim of a hack into its database of asset declaration of public officials.
- In June 2020, the page of the National Council to Prevent Discrimination (Conapred) was hacked in an act attributed to “Anonymous Iberoamérica”, who posted a message against the federal government on the agency’s website.
- In July 2020, the Tax Administration Service (SAT) systems suffered a hacking attempt, which led to the SAT site having intermittent operation.
- In July 2020, the website of Banco de México (Banxico) was the target of a hacking attempt.
- On May 30, 2021, the Avaddon ransomware group published documents on complaints of sexual harassment within Lotenal on the National Lottery portal. The cybercriminals gave Lotenal 10 days to pay the ransom. A day later, the National Lottery acknowledged the hack and said it was in collaboration with the cyber police. During the hack, documents such as payments, policies, contracts, even databases from 2009 to 2021 were exposed.
rrg
Reference-www.eleconomista.com.mx