Cybercrime as-a-service , Fraud Management & Cybercrime , Incident & Breach Response

Hackers Target 3 Mexican Banks' Real-Time Transfers

Mexico's Central Bank Says No Client Money Lost, But Activates Contingency Plans
Hackers Target 3 Mexican Banks' Real-Time Transfers
Banco de México headquarters in Mexico City. (Photo: Alfonso21 via CC)

Mexico's central bank says "operational incidents" last week appear to have been the work of hackers attempting to mess with banks' real-time payment transfers. While an investigation continues into the incidents, the central bank says it's instructed the three banks to use contingency plans, including alternate connection arrangements, and warned that the banks' payment transfers might slow as a result.

See Also: Emotet: Nastier than WannaCry and Harder to Stop

On Friday, Banco de México, or Banxico, issued an alert, reporting that there were security incidents at three of the country's banks that participate in the central bank's domestic interbank electronic payments system, known as SPEI.

The central bank says that the SPEI infrastructure was not breached and "continues to operate normally and safely" and that the attempts to defraud the three banks appear to have been unsuccessful.

"To date, the SPEI infrastructure at Banco de México has not been affected, and there are no indications of effects on the resources of the clients of any of the institutions that participate in SPEI," it says.

To be safe, however, the central bank says that it's activated "contingency measures" for the three targeted banks and moved them to alternate connections. It warned that these emergency measures could result in customers of those banks seeing a slowdown in its real-time payment system, which normally clears transactions in just 1.9 seconds.

"It is possible that the clients of the [three banks will] experience slowness in the sending of their transactions, as well as in the receipt of resources from other financial institutions (possibly of a few hours) and delays in the queries of the electronic certificates of payment," it said.

Report: Banco del Bajio Targeted

A full list of affected banks has not been released. But Banco de México instructed Banco del Bajio - aka BanBajio - to connect to SPEI using an alternate network on Friday, Bloomberg reported, saying that a spokesman for Banco del Bajio told it that the bank's payment transfer system experienced no interruption and that no client money was lost.

Mexico's Finance Ministry tells Bloomberg that no government-owned banks appear to have been targeted via these attacks.

On Friday, Grupo Financiero Banorte reported experiencing an "incident" that temporarily left it unable to connect to SPEI. The bank couldn't be immediately reached for comment about whether the incident was connected to the hacking attempt reported by Banco de México.

Mexico's Real-Time Payment Transfer System

Short for "Sistema De Pagos Electrónicos," the SPEI electronic funds transfer system was launched in 2004 to enable banks to transfer money between private account across an encrypted network.

"This system was developed to facilitate payments between financial institutions, in addition to enabling them to offer safe and efficient retail payment services to the public," the central bank, which maintains the system, says in an overview.

"SPEI's participants can transfer Mexican pesos by own account and on behalf of their accountholders, in near real-time, 24 hours per day, every day of the year," it adds. "SPEI uses an open communication protocol that was specifically designed for SPEI and does not require a specific architecture, programming language or operating system. SPEI's participants have the protocol's full specifications, so they can develop their own system connectivity applications according to their needs."

Foreign exchanges via the system are handled by CLS Bank, a New York-based organization owned by 69 banks that specializes in providing settlement services in 18 currencies to foreign exchange market members.

"Operations held with CLS Bank are managed in SPEI through SWIFT, so Banco de México translates the messages from SWIFT to SPEI protocol and vice versa," according to Banco de México's overview (see Security Investments Consume SWIFT's Profits).

Mexican, Latin American Banks Targeted

This isn't the first time that Mexican banks have been targeted by hackers this year.

On Jan. 9, Bancomext - El Banco Nacional de Comercio Exterior - said that it had suffered a disruption in international payment transfers as a result of an attempted hack attack. The bank reported no losses, saying that a quick response by banks, various authorities as well as Banco de México had blunted the attack.

"Authorities have confirmed that the modus operandi of the alleged hackers is similar to intrusions that have occurred in other institutions in Mexico and Latin America," the bank reported.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.