The recent attack on the National Lottery (Lotenal), the cyberattacks made against Banco de México, Petróleos Mexicanos, the Ministry of Economy, or the National Commission for the Protection and Defense of Users of Financial Services have something in common: they are linked to government institutions, a trend that has pushed policies like the one that the president of the United States, Joe Biden, has highlighted and called for attention.
Within the consequences of the attack on Lotenal, the permanent Commission of the Congress of the Institutional Revolution Party has demanded that the Ministry of the Interior implement a cybersecurity strategy for the entire Federal Public Administration, since the idea of this proposal is to prevent and protect government institutions from potential vulnerabilities.
“The lack of regulation and implementation of policies is a challenge that government institutions and companies in the country are dealing with, as it leaves them vulnerable to cybercriminals, which is why the analysis of this type of crime is becoming stronger. problems and the search to have a paradigm to follow ”, David López, Appgate’s vice president of sales for Latin America, told Expansión.
Avaddon, the group behind the attack on Lotenal, has had significant growth, especially in Latin America in countries such as Brazil, Colombia, Chile, Costa Rica, Mexico and Peru, where victims of this criminal group were registered, from sectors such as government, industry, health sector, financial services and telecommunications companies.
“Attackers using Avaddon ransomware have compromised victims by using remote desktop protocol logins or by targeting virtual private networks that are poorly configured or use single factor authentication. The malware they disperse, in addition to increasing privileges, contains an anti-analysis protection code and allows persistence in the victim’s system ”, indicated Víctor Ruiz, founder of Silkin, a company specialized in cybersecurity.
Ruiz also indicates that criminal groups have taken advantage of the lack of cyber security and the weak defense strategies that exist. For this reason, specialists see that in the face of these attacks, what can be achieved is better clarity in cybersecurity standards.
“The proposal made by Joe Biden regarding his Zero Trust policy will be a great boost for companies and institutions in the United States, but also in other parts of the world, by setting an example of the relevance of these issues for the government. ”Said López.
Biden’s executive order was signed on May 12 of this year and seeks that the federal government have an architecture in its systems of ‘zero trust’.
This raises a couple of questions. What is zero trust security? And, if trust is bad for cybersecurity, why do most government and private sector organizations do it?
Last year there were at least 2,354 ransomware attacks against US governments. And while estimates vary, ransomware losses appear to have tripled in 2020 to more than $ 300,000 per incident.
Zero Trust is a security model that is based on continuous verification through information from multiple sources. By doing so, this approach assumes the inevitability of a data breach. Instead of focusing exclusively on preventing breaches, zero-trust security instead ensures that damage is limited and that the system is resilient and can recover quickly.
