Three banks experienced ‘incidents’ in recent days: Banxico
Banorte system back up; BanBajio using alternate SPEI system
Cyber attackers attempted to penetrate Mexico’s electronic payment systems Friday, forcing three banks to enact contingency plans, according to people familiar with the matter.
Three banks experienced “incidents” in recent days when operating the SPEI, Mexico’s interbank electronic transfer system, and will be connecting to the central bank’s network under “contingency schemes,” Banco de Mexico said in a statement Friday evening. That could cause delays in money transfers, according to the statement, which noted that the central bank’s SPEI infrastructure and client money haven’t been affected.
Grupo Financiero Banorte had an “incident” with an intermediary process of the system it uses to connect to the central bank’s money-transfer network, but service has been reestablished, the bank said in a tweet Friday afternoon. A spokesman declined to comment on whether Banorte was targeted by cyber attacks.
Cyber attacks targeting banks appear to be happening with more frequency, said one of the people, who asked not to be identified without authorization to speak publicly. A spokeswoman for Mexico’s banking association, known as the ABM, declined to comment.
The central bank asked Banco del Bajio SA to connect to the SPEI using an alternate network Friday, but the lender’s payment transfer system never failed and no client money was affected, a spokesman said. No government banks registered any problems, the Finance Ministry said in an emailed response to questions from Bloomberg.
The assault came less than four months after hackers attempted to steal money from Bancomext, Mexico’s government-run export bank, causing the lender to suspend operations in its international payment platform. Bancomext said that it was able to contain the situation thanks to its protocol and help from the authorities, including Banxico.
The SPEI system, established in 2004, lets users electronically transfer money between deposit accounts through a private, encrypted network operated by Mexico’s central bank, according to Banxico’s website.
Banco de Mexico alerted the public to the dangers of cyber attacks in a report in October 2017, saying that regulators have acknowledged the possibility that these could include systemic attacks on financial systems. In the report, the central bank played up the importance of the authorities in preserving the stability of financial systems when faced with such attacks.
Authorities are important as there’s a “lack of detailed and sufficient information about attacks of this type that have occurred against financial institutions,” Banxico said. “That’s because institutions may have incentives to not reveal such information out of fear that their reputation with clients could be damaged.”