Over 600 GB of CFE’s internal network and security logs were exposed online

A significant data leak from Mexico’s state-owned Federal Electricity Commission (CFE), which supplies over 99 per cent of the nation’s power, has raised alarms.

For more than three years, over 600 GB of CFE’s internal network and security logs were publicly accessible, potentially exposing the company to cyberattacks.

Researchers warn that malicious actors could exploit this data to manipulate CFE’s Industrial Control Systems (ICS), risking equipment damage or nationwide power disruptions, reported Cybernews.

The leak was discovered by Cybernews researchers through a publicly accessible Kibana instance managed by a cybersecurity firm, Teliko.

Despite the alarming findings, CFE asserts that its operations remain secure, claiming the internal networks are isolated from the compromised information technology systems.

CFE stated that the exposed data, dating from January to October 2022, does not include sensitive operational information.

The leaked logs contain DNS queries, visited URLs, and alerts from security tools, revealing vulnerabilities that attackers could exploit.

Cybernews researchers indicate that if a single machine within CFE’s network is compromised, attackers could navigate laterally through the network, potentially affecting critical systems.

Attempts to contact CFE for clarification went unanswered, with 29 emails sent over five months.

Currently, the exposed Kibana instance appears to be offline.

This incident highlights the increasing targeting of critical infrastructure by cybercriminals.

Organisations managing these systems often rely on third-party vendors, which can create vulnerabilities.

The interconnected nature of outdated industrial control systems, lacking essential security features, further exacerbates the risk.

Recent global cyberattacks on critical infrastructure, such as the Colonial Pipeline incident, underscore the importance of robust cybersecurity measures.

Instances of breaches in water treatment plants and other facilities have been reported, illustrating the urgent need for improved defenses against such threats.