In recent years, cybersecurity has become a vitally important issue for governments, organizations and individual users alike, with a huge impact not only globally, but also specifically in Mexico. The year 2023 witnessed an ever-evolving cybersecurity threat landscape, challenging security experts to adapt and respond proactively. It is no longer enough to acquire technologies or protection tools: criminals have adapted their operations to evade, in some cases, the technology itself, or, in most cases, the absence of qualified personnel to adequately and permanently monitor those technologies. Phenomena such as Living-off-the-Land (LOTL), Shadow IT, SOC team alert fatigue and supply chain risks are some of the weaknesses that attackers have perfected in recent times. Increased “professionalization” of criminal groups such as Lockbit, Akira, MalasLocker, Mallox, Trigona, among others, have wreaked havoc, especially in Latin America, and specifically, to companies in Mexico, both small, medium and large companies and multinational groups. Many of the incidents handled by Beaconlab experts have allowed us to gain a deep understanding of the tactics, techniques and tools of these groups, deriving a continuous feedback between that offensive knowledge, applied to effective defensive strategies. Throughout this report, we will explore emerging threats, trends and vulnerabilities that affected various industries and sectors, with a special focus on what we at Beaconlab have observed in incidents that occurred in Mexico.
