This week in cyber news: Mexico’s Digital Transformation and Telecommunications Agency (ATDT) has formalized a new cybersecurity policy mandating the adoption of a Zero Trust architecture across federal entities. Meanwhile, Mexico and Estonia have established a parliamentary group to strengthen bilateral cooperation in digital government, cybersecurity, technology training and e-commerce. In other developments, a Chainalysis report revealed US$3.4 billion in losses from cryptocurrency theft in 2025.
More news below:
Mexico Mandates Zero Trust Across Federal Agencies
Mexico’s Digital Transformation and Telecommunications Agency (ATDT) has formalized the General Cybersecurity Policy for the Federal Public Administration, mandating the adoption of a Zero Trust architecture across federal entities. The new regulatory framework systematizes the protection of critical infrastructure following the registration of 324 billion attempted cyberattacks in 2024. “The General Cybersecurity Policy establishes the foundations to protect critical infrastructure, ensure the continuity of public services, and safeguard citizens’ digital rights and personal data,” the policy states in the agreement published in the Official Journal of the Federation (DOF).
Mexico, Estonia to Collaborate on Cybersecurity, Digitization
Mexico and the Republic of Estonia have established a parliamentary Mexico–Estonia Friendship Group to strengthen bilateral cooperation in digital government, cybersecurity, technology training and e-commerce. Deliamaria González Flandez, a federal deputy from the Green Party (PVEM) and president of the new group, said the initiative aims to expand exchanges in areas where Estonia has global experience, particularly in digitalization and electronic government, while creating opportunities for collaboration with Mexico’s public and private sectors.
Crypto Industry Hit by US$3.4 Billion in 2025 Theft Incidents
The global cryptocurrency industry faced a significant security crisis in 2025, marked by high-profile thefts and a concentration of losses in a few significant incidents. Between January and early December, stolen funds exceeded US$3.4 billion, according to Chainalysis’ latest Crypto Crime Report. The report indicates a structural shift in attack patterns, with the Democratic People’s Republic of Korea (DPRK) continuing as the primary threat actor in the ecosystem. North Korea-linked thefts totaled around US$2 billion in 2025, the highest annual figure on record, bringing cumulative DPRK-attributed losses to approximately US$6.75 billion. The three largest attacks of the year alone accounted for 69% of all service-related losses.
Thales Sets MFA as Core Security Standard, Aligns with CISA
Thales has positioned multi-factor authentication (MFA) as a structural security standard to counter escalating cyber threats, reinforcing its commitment to the Cybersecurity and Infrastructure Security Agency’s (CISA) Secure-by-Design pledge. The shift reflects growing recognition that traditional, password-based credentials represent a critical vulnerability in increasingly complex enterprise environments.
