The Mexican government is facing a digital security crisis driven by systematic reductions in funding for IT protection. A study conducted by El Universal and the Mexican Institute for Competitiveness (IMCO) reveals that various government agencies have slashed their cybersecurity budgets, even as cyberattacks across the country continue to rise.
The Ministry of Infrastructure, Communications, and Transportation (SICT) has seen the most significant cuts, with spending on security plummeting by 58% between 2018 and 2025. During this period, the agency's investment dropped from 1.793 billion pesos to just 265.5 million pesos.
This lack of funding has coincided with several critical security breaches. In October 2022, a ransomware attack compromised 110 SICT workstations, forcing the suspension of administrative procedures for several months.
Strategic sectors under threat
The energy and natural resources sectors are also showing signs of vulnerability. The National Water Commission (CONAGUA) reduced its cybersecurity expenditure by 38.24%, a move that preceded a 2023 attack by the BlackByte group, which paralyzed the agency's operations for two weeks.
In the case of Pemex, budget reductions reached 28.36% between 2018 and 2025. The state-owned oil giant previously faced a data kidnapping incident in 2019, when criminals demanded a ransom of $5 million USD in Bitcoin to release the stolen information.
The education sector has seen the most aggressive budget cuts. UNAM reduced its IT investment by 77.93%, a vulnerability that facilitated the hacking of five of its systems, which was confirmed on January 7, 2026.
Similarly, the Ministry of Public Education (SEP) saw its budget decrease by 27%. This cut occurred during the same period that the group 'Sociedad Privada 157' leaked massive amounts of student data from CBTis and CETis campuses in April 2025.
To mitigate these risks, the Agency for Digital Transformation and Telecommunications has implemented the General Cybersecurity Policy for the Federal Public Administration. The agency reported that, in its first year of operation, it detected 1,410 alerts and blocked more than 9.8 billion attack attempts.
However, experts are criticizing the lack of transparency in official reports. Specialists point out that this opacity prevents the public from understanding the true scale of the risks, making it harder to defend against bank fraud and other digital crimes.
