AI-Powered Attacks and Lack of Cyber Readiness. How Mexico Can Respond

The threat landscape in Mexico is a precarious one. A recent industry report reinforces the severity of Mexico’s cybersecurity challenges, describing the country as having a “high level of cyber vulnerability” and noting that state-backed groups and ransomware gangs increasingly view Mexico as an easy target due to “gaps in investment and preparedness.”

In that context AI-powered attacks and an immature cyber-regulatory infrastructure combine to create a perfect storm of cyber peril for the coming year; and it’s one that the country is going to have to figure out how to weather in real-time.

This “newly industrialized and developing country” is expected to rank just outside of the world’s top ten economies this year, projected to come in at #12. However, this only puts a target on its back. In this context AI-powered attacks and an immature cyber-regulatory infrastructure combine to create a perfect storm of cyber peril for the coming year; and it’s one that the country is going to have to figure out how to weather in real-time.

AI-Driven Attacks Hit Mexico Especially Hard

In the first half of 2024, over half (55%) of all cyberattacks in Latin America were centered on Mexico. Many of these attacks are driven by the force-multiplying power of AI. A recent report highlighted the 324 billion total cyberattacks Mexico endured during the course of the last year, noting that threat actors are increasingly targeting American companies operating south of the border. It also emphasized the fact that attackers were increasingly leveraging AI to improve their speed and scale.

Speed and scale may be things that many Mexican industries do not have on their side when facing off with high-powered attacks. As noted by industry analyst Diego Valverde, “As threats grow more targeted and sophisticated, even Mexico’s largest companies face an average of 10 cyber incidents a year and spend millions recovering.” Sectors like manufacturing, logistics, and automotive have an especially hard time overcoming downtime, with downtime losses averaging $1,500 per minute. Noted Christopher Todd Doss, Senior Managing Director at cybersecurity consulting firm Guidepost Solutions, “The manufacturing sector is a prime target. Cybercriminals can take their operations offline, disrupting sales and distribution in the United States.”

In a country still undergoing its digitization transformation, the power of AI to incur damage is force-multiplied. Whether it be producing vast variants of malware, churning out easy-to-use RaaS exploits, or sending out word-perfect phishing emails at a scale previously unimaginable, the effects of AI on a nation still progressing in its cyber maturity journey are especially hard felt.

Cybersecurity Compliance Laws Still Loading

The fact that the country lacks strong data security laws doesn’t help. While existing cybersecurity regulations are implemented among various sectors like finance, consumer protection, labor, and intellectual property, the country has yet to put a strong, comprehensive national cybersecurity law in place. Efforts to update the 2017 National Cybersecurity Strategy (ENCS) were stalled last year; the Carnegie Endowment cited a “lack of political prioritization.”

With estimates that Mexico is struggling especially hard from the ongoing cyber skills crisis – lacking as many as 50,000 skilled cybersecurity workers, according to some – it is likely that even if the laws were in place, most organizations operating within the country would still have a hard time complying with them.

This is especially concerning, given the fact that a recent Mandiant report revealed that Chinese threat actors have a penchant for targeting Mexican government agencies, and the country’s cryptocurrency firms are often the target of North Korean-based aggressions. Attacks on Mexican government institutions are projected to rise by a whopping 260% in the coming year, and January already saw the compromise of over 570 government computers.

The trend is clear: World powers are centering in on the country with nearly $1.6 trillion in trade with the US, while firm cybersecurity frameworks have yet to be put in place. Having been accused of “going digital without cybersecurity foundations,” the best line of defense for Mexican-based businesses – while waiting for policy changes – may be to take matters into their own hands.

The Technology Solution: Mexico’s Best Bet

As threats heat up and regulations have yet to catch up, investing in advanced security technology might be the best line of defense for a country short on cyber resources.

Fortra Managed Security Services provide state-of-the-industry security solutions to help force-multiply small security teams and level-up the security posture of any digitized organization:

• Extended Detection and Response (XDR)
• Managed Detection and Response (MDR)
• Data Loss Prevention (DLP)
• Digital Risk Protection (DRP)
• Integrity Monitoring
• Web Application Firewall (WAF)
• IBMi Security Services

As organizations move ahead on their cybersecurity maturity journey, it is important to build a security stack centered around breaking every stage of the cyber attack chain. From Reconnaissance to Action on Objectives, it is never too early – or too late – to stop sophisticated, emerging attacks in the act. And for email-based threats made even more dangerous by AI deepfakes, there is Fortra Cloud Email Protection, and Integrated Cloud Email Security (ICES) solution that goes beyond signatures to catch BEC, phishing, and compromised accounts – things even vital Secure Email Gateways (SEGs) can’t detect.

Because of its position as one of the major economic powerhouses of Latin America (and its ties to US trade) Mexico will always have a target on its back. Organizations operating there may have to wait for better data protection regulations, more skilled cybersecurity workers, or even more political prioritization. But, one thing they can control is their ability to adopt cybersecurity solutions that can protect them from the next attack.