Pemex information is sold to the highest bidder on the dark web

The information hacked from Petróleos Mexicanos (Pemex) “is sold to the highest bidder” on the Dark Web, which puts the strategic security of the State’s productive company at risk, Israel Reyes, a specialist in security and cyber intelligence from George Washington University and member of the International Intelligence Community (CII), told El Sol de México.

“In these networks there is information about Pemex. We already monitor and analyze it. We find strategic and confidential Pemex information on the Deep Web and the Dark Web. We detect it in the International Intelligence Community”.

His warning coincides with a report published by the National Anticorruption Organization (ONEA), which revealed that there are more than 180 thousand files with sensitive information about the oil company “floating on the darkest side of the internet,” including documents that were extracted in November 2019 by a gang of hackers with a virus (malware) known as DoppelPaymer.

Among the data that the hackers stole are keys and passwords of Pemex users, which are for sale on the Deep Web.

Also available to the highest bidder are the Tula Refinery Remote Operation Manuals, databases, logs and surveillance programs, as well as graphs to interpret production data, the civil organization warned.

Reyes warned that the worst is yet to come: attacks on gasoline pumping systems. “Pemex has a cyber-physical structure, that is, half are cybernetic and the other half of the components are physical, which is known as SCADA (Computer Supervision and Data Acquisition Systems).”

This system controls Pemex’s networks and physical structure. When the SCADA systems are hacked, they can be disabled or altered, and this can even cause an explosion or a major accident, the specialist warns.

“These systems have monitoring. And if hackers tamper with these temperature monitors and pressure injections, they can literally blow up refineries. That is why I say that the worst is yet to come. Just as when we saw that part of these systems can fail by their own nature, they can also fail by humans and can also be cybernetically sabotaged to cause an explosion”.

And he adds: “The greatest risk is cybernetic. Hackers, being inside Pemex and being able to extract confidential information, is an indication that they are already infiltrating critical systems”.

The expert pointed out that Mexico is experiencing an “epidemic” of cyber attacks, which increased during the Covid-19 confinement.

“During the sanitary confinement, more electronic devices were used and the people who work in these government companies do so from their homes. And that leads to the systems being more vulnerable, because they do not have the protection mechanisms that regularly exist in institutional offices”.

Visibly worried, the Mexican professor in Washington warned that “there is a possibility that (hackers) will carry out another attack and steal more information; and the one that they do not steal, they corrupt, they infiltrate”.

What Pemex and the country in general need, the researcher indicates, is to create a legal framework to protect sovereignty and national interest in cyberspace, as well as the creation of a National Agency and a National Cybersecurity Police.

“What does the International Intelligence Community do?”

– The International Intelligence Community, we are people who study, analyze the cybernetic aspect for critical structures of governments and financial systems. What we are seeing lately is an increase in attacks on government companies and the financial system. This occurs because there is more use of electronic devices due to the epidemic, but we also think that there is a presence of amateur hackers who carry out this type of operation.

“What nations could they be from?”

—We know that countries like North Korea have a team of hackers specialized in attacking cybernetic systems on the financial spectrum. This group is known as the “Hidden Cobra”, which infiltrates financial infrastructures. In fact, it is believed that the cyber attack on Banxico was the “Hidden Cobra”.

Another very sophisticated group, already identified, comes from China. It is the one that infiltrates and currently has the largest intellectual property operations, through cyber-espionage systems. They are LI Xiaoyu, 34, and DONG Jiazhi, 33, said Professor Reyes.

(With information from Mario Alavez)