Key Findings
According to Kaspersky’s IT Security Economics 2024 report, a staggering 91% of Mexican companies reported attempts to infiltrate their networks, with 64% confirming successful execution of malicious code within their infrastructure. This trend is not exclusive to Mexico, as 97% of large enterprises, 88% of medium-sized businesses, and 83% of small and medium enterprises (SMEs) acknowledged similar incidents.
The Global Cybersecurity Landscape
Fabio Assolini, Director of Kaspersky’s Global Research and Analysis Team (GReAT) for Latin America, explains that despite increasing investments in cybersecurity, most organizations continue to face network attacks. The traditional concept of a reliable perimeter has lost relevance, and organizations must adopt more comprehensive security solutions.
Common Attack Vectors
Phishing remains a popular tactic due to its low cost and effectiveness. A single employee falling for a phishing email can grant attackers access to move laterally and escalate privileges within the network. Additionally, the normalization of Bring Your Own Device (BYOD) policies, especially since the pandemic, has introduced new attack vectors as personal devices connect to corporate networks.
From Data Theft to Ransomware
Assolini clarifies that not every attempt results in a successful attack. The difference lies in the monitoring and protection tools deployed. When attackers succeed, data theft is often extensive, ranging from customer databases to network maps. Ransomware typically follows data breaches as attackers monetize stolen credentials in underground forums.
Budgets and Challenges
Kaspersky’s report indicates that companies plan to increase their security spending by approximately 9% over the next two years, with a median expenditure of $5.7 million for large enterprises (out of a total IT budget of $41.8 million). SMEs allocate around $200,000 for cybersecurity from a total IT budget of $1.6 million.
Structural factors, such as the high cost of legitimate software compared to limited budgets and tolerance for unofficial versions, contribute to the increased attack surface in Mexico and Latin America. Many IT administrators disable automatic updates to avoid licensing warnings, leaving systems vulnerable.
Targeted Sectors
The healthcare sector faces unique vulnerabilities due to legacy systems (e.g., Windows 2000, XP) that cannot be updated due to dependencies on medical equipment. This increases the risk of ransomware attacks and the likelihood of paying ransoms due to the critical nature of healthcare services.
Public sector organizations are often targeted due to political motivations and the high value of information they manage. Assolini emphasizes that a combination of legislation, education, patch discipline, and elimination of unauthorized software is necessary to address these challenges.
Key Questions and Answers
- What percentage of Mexican companies experienced network infiltration attempts? 91%
- What percentage of companies reported successful execution of malicious code within their infrastructure? 64%
- What factors contribute to the increased attack surface in Mexico and Latin America? High cost of legitimate software, limited budgets, and tolerance for unofficial versions.
- What are common attack vectors used by cybercriminals? Phishing, Bring Your Own Device (BYOD) policies, and exploiting outdated legacy systems.
- What is the typical progression of a cyberattack, from initial breach to ransomware? Data theft followed by ransomware, often after stolen credentials are sold in underground forums.
- What is the planned increase in cybersecurity spending by companies over the next two years? Approximately 9%
