Cyberattacks in Mexico Raise Alarm Bells Ahead of Sunday’s Election
(Bloomberg) -- Cyber attacks against Mexican financial institutions and reports of alleged election interference around the world are fueling concerns among analysts that the nation’s presidential vote on Sunday may become a target for hackers.
While Mexicans will cast their vote July 1 by paper ballot, electronic systems will be used to tally and transmit the results, which the electoral authorities will then release to trusted media outlets. The slightest disruption to the voting process can sow doubt and distrust, said Ron Bushar, vice president of government solutions for cybersecurity services company Mandiant.
Tensions are already high in the country given that polls show Mexicans are likely to elect a leftist for the first time in almost five decades. That candidate, Andres Manuel Lopez Obrador, has accused his rivals of fraud and collusion to keep him from winning in the past two presidential elections, while his opponents say that his presidency would be a disaster for Mexico’s economy.
Such polarization is fertile ground for cyber criminals.
"The outcome of an election almost doesn’t matter" for hackers, Bushar said. It’s about “calling into question the legitimacy (of the process) or creating a lot of tension between the political parties."
A warning came last December, when former U.S. National Security Adviser H.R. McMaster said that there was evidence of Russian interference in Mexico’s campaign, although he didn’t elaborate on how Russia was seeking to influence the process. Russia was mentioned again this month when candidate Ricardo Anaya’s team said a website it created to publish information questioning ties between Lopez Obrador and a contractor, was shut down by "an attack". The Anaya campaign said the hack originated in Russia.
The campaigns of Lopez Obrador, Anaya and Jose Antonio Meade didn’t immediately respond to requests for comment.
"Cybersecurity continues to be a potential Achilles heel of Mexico’s electoral process," said Arturo Sarukhan, a former Mexican ambassador to the U.S.
Part of the concern stems from other hacks in Mexico recently. The state-owned export promotion bank Bancomext suffered an attempted cyber theft of $110 million in January. In April and May, hackers succeeded in infiltrating five financial institutions including Grupo Financiero Banorte SAB and stole at least $15 million from lenders.
"I think the election system is really vulnerable, more vulnerable than the banks," said Israel Reyes, an international consultant in cyber security, who worked this year as a contractor for Mexico’s National Polytechnic Institute as part of a broader plan for election day commissioned by the country’s national electoral institute, known as INE.
Reyes said he’s concerned that the institute is unprepared to respond to a cyber attack or systems failure. The project Reyes worked on alongside specialists from Harvard and the MIT was terminated in March by the Polytechnic Institute, which cited inadequate time to complete it.
The most likely attack in Mexico is one that would involve multiple information requests, known as a Distributed Denial of Service attack, which would overwhelm and crash INE’s website. That’s the kind of attack that the Anaya campaign said it suffered during the presidential debate on June 12.
INE is working to mitigate risks, said Jorge Torres, INE’s chief of information services, who has worked there for almost two decades. "We have personnel with lots of experience in these issues, and we also have third parties auditing."
On the wall of his office at the institute’s headquarters in Mexico City, Torres has eight screens that constantly monitor INE’s information systems, including a "Digital Attack Map" showing daily cyber attacks around the world.
The only part of the electoral system connected to the Internet is INE’s main website, which itself won’t even have a vote count but will provide a list of media outlets that can provide the preliminary tally, Torres said. Other communications systems run on an internal network and are protected, he said.
INE has been simulating attacks on its systems to try to detect any vulnerabilities ahead of the vote. The institute also hired Scitum, a company owned by billionaire Carlos Slim, who controls Mexico’s biggest phone company and a majority of its telecommunications infrastructure, to double-check its work. Scitum didn’t return e-mails and phone calls asking about its tests.
"There can always be risks, but we look to minimize them as much as possible," Torres said.
©2018 Bloomberg L.P.