Mexico needs to do more to protect itself from cyberattacks that could be perpetrated by countries such as China and Russia, according to the former director of the United States Cybersecurity and Infrastructure Security Agency.
Christopher Krebs, fired by former United States president Donald Trump shortly after the 2020 presidential election in that country, believes that infrastructure built in Mexico by foreign companies poses the greatest risk to the country’s cybersecurity.
There are growing numbers of Chinese and Russian companies in Mexico and intelligence agencies from those countries could take advantage of their facilities to launch attacks on critical IT systems in Mexico with the aim of obtaining strategic information, he said in an interview with the El Universal newspaper.
Krebs said that the government needs to strengthen cybersecurity, invest in modern technology, work with the private sector to better protect its IT systems and collaborate with U.S. authorities to better understand the threats it faces.
Speaking to El Universal during a professional visit to Mexico, the cybersecurity expert said that as the trade relationship between Mexico and the United States grows so too does China and Russia’s interest in having their intelligence agencies operate here.
Air Force General Glen VanHerck, commander of the United States Northern Command, claimed earlier this year that Russia has more intelligence agents in Mexico than any other country.
As the Mexico-U.S. trade relationship grows, Krebs said, foreign intelligence services will increasingly seek to infiltrate IT systems in Mexico to extract and exploit sensitive information.
His warnings and advice are especially pertinent given that the Ministry of National Defense (Sedena) and the Ministry of Infrastructure, Communications and Transport (SICT) have both been recent victims of cyberattacks. The Guacamaya “hacktivist” group infiltrated Sedena’s servers and stole millions of emails and documents while unidentified hackers breached the security of 110 SICT computers and installed ransomware.
Krebs said he was surprised that the hackers were able to get into the army’s IT system given that armed forces around the world normally guard classified information “very jealously.”
“I have a hard time believing that wasn’t the case [in Mexico], that high level intelligence information could be exposed,” he said.
Although Sedena was unable to adequately protect its own IT system, Mexico has made some progress in improving cybersecurity, Krebs said without citing any specific advances.
“Mexico is working, it’s a critical partner for the United States and I see that it’s taken steps to protect … [its IT systems],” he said.
However, around the world there is a “very clear lack of talent on the side of companies and governments to protect themselves” from growing threats to cybersecurity, Krebs said.
With reports from El Universal
