Cryptojacking and Ransomware Cases Grow in Mexico

Mexican users of public cloud networks report a surge in cryptojacking and ransomeware attacks in recent months.

According to El Economista, almost three quarters of Mexican companies that use cloud networks including Amazon, Google and Microsoft, report security incidents resulting in negative perceptions by citizens. Less than a third of the locals fully trust cloud network security.

Ransomware attacks 

Security weaknesses allow threat actors to deploy other crypto-related attacks like ransomware, including a recent case where an oil company, Pemex, was targeted by the DoppelPaymer gang.

The report says that Mexican companies have been reporting instances where unknown cybercriminals are using their cloud computing resources to mine cryptocurrencies — known as ‘cryptojacking’. However, no major details were provided about which cryptos are mined.

Alain Karioty, general sales manager for Latin America of cybersecurity firm Netskope, told El Economista that such attacks result from the lack of knowledge among companies regarding security measures for cloud computing.

Leonardo Granda, manager of engineering at Sophos in Latin America, commented on the security flaws within the public network that allow the data loss:

“This data loss is often due to poorly configured public access in shared cloud storage and by leaving data sources open for cyber attackers to search for them using tools such as the specialized search engine Shodan they can exfiltrate them.”

Cybercriminals target Latin American countries 

Another study unveiled on May 28 by the National Police of Colombia shows that ransomware attacks are a rising trend across the country.

The report notes that 30% of all ransomware attacks within Latin America have specifically targeted Colombia, where threat actors have been targeting public entities.