By Andrés Amunátegui & José María Álvarez-Cienfuegos

|

Published 03 March 2020

Overview

Cyber breach reported by the Mexican Ministry of Economy and extortion demands by fraudsters- Intrusión cibernética reportada por la Secretaría de Economía y extorsión de defraudadores.

According to certain press reports, on 23rd February 2020 the Mexican Ministry of Economy suffered a cyber-breach, arising out of the infiltration of ransomware in its IT infrastructure, by some as of yet unknown third parties.

Furthermore, it has been publicly reported that following the detection of the malware affecting around 1700 computer stations –which in layman’s terms encrypts the affected information until a ransom is paid by the victims- authorities received a ransom demand by fraudsters, requiring the payment of an as of yet unreported sum, to remove the encryption and prevent further losses.

We note that according to some press reports, the infiltration of the ransomware may have been caused by the lack of up-to-date and/or acquisition of cybersecurity measures by the government, because of an overall “austerity” plan by the federal authorities.

Due to the politically-sensitive nature of any potential claim that may be filed by the insured, we strongly suggest taking proactive measures to allow the early identification of any circumstances relevant to such a claim, as well as the particulars of the incident.

In our experience, cyber claims tend to require thorough and complex investigations, due to the technical aspects involved. For example, there may be a need to carry out a complete analysis of the insured´s IT infrastructure and processes, which may be hindered by confidentiality or national security issues, due to the involvement of Mexican federal government entity.

Author