Meanwhile, nearly 6.58 percent of mobile users in Brazil faced the same problem.. Simon Handler is a fellow at the Atlantic Councils Cyber Statecraft Initiative within the Scowcroft Center for Strategy and Security. In this installment of regional threat analysis, F5 Labs researchers break down the data collected by our sensors on attacks targeting Latin America from January 1 through March 31, 2021. This is a machine translation ofFortinet's press release. Three Reasons Why Latin America is Under Cyber Attack The 2016 Cybersecurity Report, Are we ready in Latin America and the Caribbean? Subscribe to Latin Americas most trusted business intelligence platform. Europeans, on balance, are more pessimistic than optimistic about whether their countries can deal with a large-scale cyber hack. This was not the first round of Guacamaya Leaks, though. Cybersecurity: Are We Ready in Latin America and the Caribbean? Online scams, ransomware attacks and phishing email schemes have proliferated in Latin America amid the coronavirus pandemic, exposing the dangers hackers pose to people, banks and governments. Top Source Organizations (ASNs) Serverius Holding B.v. (AS50673) from the Netherlands leads the chart with 47 million requests, followed by DigitalOcean (AS14061) from United States. They also have larger economies and populations, which allow them to invest more in cyber training and education., Hurel:Countries in Latin America have been continuously working to enhance cybersecurity, even though sometimes through piecemeal or fragmented approaches. Internet hosting provider Serverius Holding B.v. (AS50673) led the attack chart with over 47 million requests. This would provide public and private sector organizations access to professional cybersecurity capabilities and develop local cyber talent to work in the offices.. Thiscould also have a positive impact on social and economic issues.. Details of the top ASNs targeting Latin America, January through March 2021. There is also little public awareness of []. In Brazil alone, cyber attacks increased 197% in 2015, and a survey of Brazilian companies revealed that one-third had experienced a cybercrime (Trend Micro). Check out our 4-star rating on Charity Navigator. Analyzing the geographical sources of the IP addresses, malicious requests came from the following countries, in order: the United States, Lithuania, China, Russia, Germany, France, Brazil, the Netherlands, Argentina, and the UK (see Figure 1). Get started with some of the articles below: Sensor Intel Series: Top CVEs in April 2023, How Bots Ruined the PlayStation 5 Launch for Millions of Gamers. MIAMI (AP) The cyberattack crested just as finance officials from across Latin America were descending on Washington to commemorate the 60th anniversary of the Inter-American Development Bank. The age of Covid-19: Lockdowns and cybersecurity, 12 months on. Serverius Holding B.v. (AS50673) from the Netherlands leads the chart with 47 million requests, followed by DigitalOcean (AS14061) from United States. Latin America: share of mobile users attacked by malware 2022 - Statista All rights reserved. Nov 16, 2022 In the second quarter of 2022, around 7.19 percent of mobile users in Ecuador were attacked by malware. The FortiGuard Labs report is prepared quarterly for Latin America and the Caribbean, based on information obtained daily in real time. says that four out of every five countries in the region do not have a cybersecurity strategy or plans for protecting critical infrastructure. What is a cyberattack? | IBM Cybersecurity Governance in Latin America - Google Books Other topics focused on cyber response initiatives, cryptocurrency investigation, emerging cyber threats in Americas and sharing of investigative information. This text provides general information. Countries in the region generally lack robust legal frameworks and an effective oversight infrastructure to hold government surveillance and repressive powers accountable. Thanks, you're awesome! Contis message states there was no data encryption in DIGIMINs network, and that almost all documents the group downloaded were classified as secret. Carlos Solar,lecturer, Department of Sociology, University of Essex: Undoubtedly, more investments in human capital would go the furthest in building cyber capacity across Latin America. December 25, 2022 Espaol In 2022, cyber-attacks on government databases and systems broke into headlines in several Latin American countries. Idaho hospitals working to resume full operations after cyberattack Threat intelligence companies have already reported signs of that kind of activity., Shahwan Edwards:China has engaged in significant trade with countries in Latin America, as well as invested in regional infrastructureoften focused on ports, roads, energy and more. This means that technologies and services made in China are taking a larger piece of the information and communications technology (ICT) market, from mobile communications to new 5G networks. Due to varying update cycles, statistics can display more up-to-date Once infected, victims' devices can be taken over by criminals, who can use them to steal credentials, generate spam, and promote denial-of-service (DDoS) attacks, for example. With AI technologies such as ChatGPT readily available to the public, it is possible for hackers to generate malicious code and emails at a faster, more automated pace, Dembinsky noted. Latin America: A region of challenges and opportunities International Publics Brace for Cyberattacks on Elections Statista assumes no In Mxico, undue military influence seeking to hamper the investigation into the forced. The respondents from Latin America were led by Mexico with 24 percent, and Brazil with 19 percent. Safa Shahwan Edwards, Image: "Trust Your Instincts" by Abraham Pena/CyberVisuals. Cyberattacks saw a significant rise in 2022, mostly due to the increase in organizations going virtual to combat the effects of the Covid-19 pandemic, and the rise of smaller and more agile hacker and ransomware groups, new research has said. From a diplomatic point of view, Latin American countries are getting more involved in the discussions of both the First (Disarmament and International Security) and Third (Social, Humanitarian & Cultural) Committees of the United Nations, where both China and Russia have significant political interests. Analysis of the traffic yielded significant insights into the source and intended services that malicious actors wanted to abuse. The report highlights that Pars governor, Helder Barbalho, used the Verint tool the Civil Police acquired to spy on those investigating a corruption scheme in purchases of respirators during the Covid-19 pandemic. These must lead to real-world experiences building and managing cybersecurity capacity.. #5 Which Latin American countries punch above their weight in cybersecurity? Contreras:Although there is still much pending to do, countries such as Brazil, Colombia, Chile, and Mexico have taken the lead in developing their institutional capacities, including the development of laws, policies, and regulations. The earlier leak led to the Forbidden Stories Mining Secrets series, which reported alarming abuses by the Swiss mining conglomerate Solway Group in Guatemala. Get the best reports to understand your industry, Coronavirus: impact on internet and media in Latin America, Tech investment and innovation in Latin America. As we have pointed out, the widespread government use of malicious software without strict necessity and proportionality standards, strong due process safeguards, and effective controls have repeatedly shown dire consequences and led to a growing call for states to halt the use of malware in the absence of robust safeguards and mechanisms ensuring the protection of human rights. Verint Systems figures in as the main provider of remote-access tools. Adversary behavior in Latin America (LATAM) reflected innovation and tactical changes in the first half of the year. The Latin American Cybersecurity Market was valued at USD - GlobeNewswire Megacable reports a 9% increase in revenues, 10.5% in RGUs and 8.6% in unique subscribers, in the first quarter of Mexico needs deregulation in the telecom sector Amrica Mvil, American Tower closes sale of Mexican fiber business to Fl Networks, Clara raises US$60mn in investment round led by GGV Capital, US firm Avaya ramps up nearshoring in Mexico, Argentina, Mexico: Axtel reports first quarter 2023 results, Cirion's plans to spread its wings in Latin America, Telcel's 5G Network expands its coverage and availability to all its users in Mexico, Google Mxico S. de R.L. Besides, software providers building solutions for remote environments, such as online collaboration and communications tools, have also been heavily targeted. Contis action left parts of Costa Ricas digital infrastructure crippled for months, while at the same time disrupting public healthcare and the pay of some public sector workers. Venezuela is perhaps one of the greatest points of tension in US-Latin America relations when it comes to cybersecurityhaving recentlyattributedmore than one attack directed against their critical infrastructure to the United States. MENASource offers the latest news from across the Middle East, combined with commentary by contributors, interviews with emerging players, multi-media content, and independent analysis from fellows and staff. > Protect your devices with the best malware removal software. Notify me of follow-up comments by email. His career has included incident response, program management, penetration testing, code auditing, vulnerability research, and exploit development at companies both very large and very small. Government cybersecurity concerns should also entail the protection of security researchers and developers of secure software, instead of persecuting them based on vague cybercrime laws or problematic interpretations of cybercrime provisions. 2022 saw a huge rise in cyberattacks | TechRadar In most of them, the hacktivist group exploited Proxy Shell vulnerabilities in Microsoft Exchange email servers. In the first half of 2022, 10,666 ransomware signatures were found in Latin America, with only 5,400 seen in the last half of 2021. around 10 terabytes of emails from mainly military institutions in Chile, Mxico, Per, Colombia, and El Salvador. The region should follow the success models from, for example, Israel and South Korea, and further develop their cyber industries. A case brought before the Inter-American Court of Human Rights (IA Court) this year, where. Table 2. Latin American countries are beginning to do more to improve their cyber preparedness, as evidenced by Brazil's publication of its first national cybersecurity strategy in 2020, but, by and large, their capacity and awareness remain insufficient to counter the panoply of cyber threats to the region. Louise Marie Hurel,PhD researcher, Department of Media and Communications | London School of Economics and Political Science (LSE): From a policy standpoint, there is a need for cyber capacity-building efforts that can help bridge the gap between technical security experts, civil society, and policymakers. Cyberattack definition, an attempt to damage, disrupt, or gain unauthorized access to a computer, computer system, or electronic communications network. While cooperation on cyber capacity building is welcome, countries might also be reluctant to engage if the United States takes a more interventionist approach to combat cyber conflicts., Shahwan Edwards:The United States should be an active partner with Latin American states and focus its attentions on cyber diplomacymore specifically, capacity building. office, making them available by request for journalists and others committed to investigating the institutions ties with drug trafficking, military and paramilitary groups, and corrupt companies. Through these capabilities, FortiGuard Labs permanently provides the IPS signatures needed by organizations to detect and mitigate these threats. When major global news breaks, the Atlantic Councils experts have you covereddelivering their sharpest rapid insight and forward-looking analysis direct to your inbox. FortiGuard Labs continuously monitors the attack surface across Latin America and the Caribbean and, having more than 60% of the number of enterprise security appliances deployed in the region*, has unrivaled visibility in the market. warned the government about its cyber security vulnerabilities. Unfortunately, we expect the increase in cyberattack activity to only increase. Table 1 lists the ASN details. Despite the existing challenges, a comprehensive approach to cyber security, including training for every network engineer, can help to protect organizations from cyber attack. Finally, they should not result in policies that oppose privacy and security, but in measures that recognize both rights are intrinsically related. Schwab Foundation for Social Entrepreneurship, Centre for the Fourth Industrial Revolution. Organized criminal groups and non-state actors, particularly in countries such as Brazil, Colombia, and Mexico, are starting to shift the way they operate and invest in cyber-criminal operations, which is something that I predict will continue to increase over the next five years., Crowther:The most influential non-state and/or private sector cyber actors in the Western Hemisphere are transnational criminal organizations that are expanding horizontally into cybercrime because it works and is lucrative. The votes and positions of the Group of Latin America and Caribbean Countries will be of relevance during the negotiations, including those that have already signed or requested adhesion to the Budapest Convention, such as Brazil., Crowther:China and Russia are operating in both government and private sector networks throughout the hemisphere. This vulnerability allows remote complete code execution (RCE) on a vulnerable system. Other highlights from the first half 2022 report: During this first semester, the most detected exploit technique in the region was related to the vulnerability known as "Log4Shell". However, most concerns across the region focus on cybercrime, with recent attacks directed against financial institutions. Latin American and Spanish telecommunications companies have made important advances in their privacy policies and practices, but persistent gaps and worrying trends pose potential risks for internet and mobile phone users, according to a new consolidated report published today by EFF. clearly and specifically regulate the use of malware, despite evidence of its recurrent use in the country. > Cyberattacks are basically a way of life for most businesses now To comment, first sign in and opt in to Disqus. states there was no data encryption in DIGIMINs network, and that almost all documents the group downloaded were classified as secret. Great! Inter-American Development Bank, Organization of American States, Global Cyber Security Capacity Centre at the University of Oxford. On the other hand, a strong distribution of malware was also observed in the region through Office documents, mainly Excel, which allows the attacker to take advantage of the application vulnerability to execute instructions or gain access to the .system file. Subscribe to the leading business intelligence platform in Latin America with different tools for Providers, Contractors, Operators, Government, Legal, Financial and Insurance industries. Military-to-military diplomacy for cybersecurity is a trend that Washington wants to expand further and counterbalance Beijing and Moscow. Figure 2 lists details of the top 10 ports scanned and associated services. The State of Cybersecurity in Mexico: An Overview The top most targeted ports by volume were VNC port 5900, SSH port 22, and Telnet port 23, indicating threat actors attempts to gain remote access to servers. Sadly, the researchers dont expect things to get any better in the future - and if anything, theyre expecting things to worsen, courtesy of the rise of ChatGPT and other AI-powered solutions. Prioritize hardening and patching for exposed ports that are commonly attacked like HTTP, VNC, and SSH. Craig Jones, Director of Cybercrime Directorate, INTERPOL. This is line with INTERPOLs global strategy, with other desks previously set up in Africa and the ASEAN regions. You should receive your first email shortly. based on vague cybercrime laws or problematic interpretations of cybercrime provisions. TechRadar is part of Future US Inc, an international media group and leading digital publisher. Large multinational companies and selected indigenous companies have a certain level of cybersecurity capability. Panel discussion regarding cooperation on operations and intelligence sharing. A weekly update of the most important issues driving the global agenda. Simon Handler. The Chilean Armed Forces have also, civil society organizations and elected politicians through social media. Top 10 countries attacking Argentina, Brazil, Chile, Colombia, and Panama, January and February 2021. Short of major investment in the area (which will remain depressed due to the ongoing global pandemic), there will not be any gains in cybersecurity that are not matched by transnational criminal organizations or global cyber actors that commit crimes, such as North Korea, which will both have more resources available than most actors in the Western Hemisphere., Shahwan Edwards:Broadly, private industry is the most influential actor in Latin America at this moment. We dont need bugs in our pockets. A private and secure internet should be built Avoir une conversation prive est un droit humain fondamental. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). The Cipher Brief spoke with . A case brought before the Inter-American Court of Human Rights (IA Court) this year, where EFF and partner orgs filed an amicus, provides a crucial opportunity for the IA Court to ensure inter-American human rights standards serve as a check on unparalleled surveillance powers in the digital age. A new vuln popped up in our traffic this month, as well as lots of the same old CVEsIoT and Microsoft Exchange. Financially motivated groups have not only targeted organizations across Latin America, primarily with ransomware, but they have also broadened the scope of their operations. Contreras:Companies such as Amazon, Google, Meta, and Microsoft, are investing in policy development efforts, influencing the political dialogue, and ensuring that their interests are taken into consideration. In a joint effort, digital rights groups R3D, Article 19 Mxico and Central America, SocialTIC, and Citizen Lab gathered evidence that at least two journalists and one human rights defender, working on issues related to Armed Forces human rights violations, suffered attacks from NSO Groups Pegasus malicious software between 2019 and 2021. Figure 1. That was the case of REvil ransomware attacks directed againstMexicanandChileanbanks earlier this year. Thanks for signing up! Group photo of participants at 7th INTERPOL Americas Working Group on Cybercrime. Ironically, Chinese and Russian support for Venezuela has really motivated Colombia to develop a significant capability., Hurel:There is a considerable amount of focus, particularly in the United States, United Kingdom, and Europe, on state-sponsored cyber operations from China and Russia. The author organizations stress that the Army does not even have the legal power to intercept the private communications of civilians. He is also the editor-in-chief of The 55, a series on trends and themes in cyber policy. Like the rest of the world, the number of people gaining access to Internet-connected devices in Latin America is growing. This was not the first round of Guacamaya Leaks, though. Nowadays, one can see Russia developing relationships through arms sales and energy investments to maintain its presence in the Western Hemisphere., Solar:Beijing and Moscow meet different needs in the region. Cybersecurity This is the biggest threat to Latin America's digital transformation Mar 13, 2018. Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! The group also said it was responsible for the cyber-attacks on Hiroshima on the occasion of the G7 summit, which was . Versions of the, sought to authorize law enforcement access to electronic evidence through. Prior to joining F5 Labs, he was a Senior Security Engineer with the F5 SIRT. . In total, the Latin America and Caribbean region has suffered 137 billion attempted cyber attacks. 2007 cyberattacks on Estonia, wide-ranging attack targeting government and commercial institutions. As, Maria Paz Canales points out, such leaks are often the only meaningful source of information available to the public on arbitrary practices by armed forces and intelligence agencies in Latin America. A report from Check Point Research (CPR) claims that, year-on-year, the number of cyberattacks grew by more than a third (38%). Clicking on the following button will update the content below. Cyber attack tied to China boosts development bank's chief Governments should try to create opportunities that bridge education programs with job prospects, for example, encouraging graduates to launch new cybersecurity initiatives such as joint initiatives with public institutions at all levels of government. The report is based on the analyses and VIENA-El martes 18 de abril, a las 10:00 am hora del Pacfico (1:00 pm hora del Este), expertos de Electronic Frontier Foundation (EFF) y tres aliados latinoamericanos de derechos digitales informarn a los reporteros sobre las amenazas nicas a la privacidad que plantea la propuesta de Tratado sobre Delitos EFF and international allies Access Now, Article 19, Epicenter, and Global Partners Digital are in Vienna this week and next for the fifth round of negotiations on the proposed UN Cybercrime Treaty, along with the over 100 representatives of Member States hashing out a new draft text.While we have not VIENNAOn Tuesday, April 18, at 10:00 am Pacific Time (1:00 pm Eastern Time), experts from Electronic Frontier Foundation (EFF) and three Latin American digital rights allies will brief reporters about the unique threats to privacy posed by the proposed UN Cybercrime Treaty, which could authorize the use of s October 2017The Russian Federation presents a letter to the UN General Assembly containing a draft of the United Nations Convention on Cooperation in Combating Cybercrime, intended for circulation to Member States. Cyber attacks are on the rise globally, but Latin America is seeing more than its fair share. , the widespread government use of malicious software without strict. Government cybersecurity concerns should also entail the protection of, and developers of secure software, instead of. Cyber attacks in Latin America - the growing need for - Contxto A major hack into classified government information in Mexico, including thousands of emails from the armed forces, exposed the country's vulnerability to cyberattacks due to under-investment and . Bratislava faced massive cyber-attack during GLOBSEC conference of Pers Ministry of Interior (DIGIMIN), seeking a ransom in order not to publish the information obtained. Operational data vital to reduce global impact of cybercrime. Top 5 Cyber Attacks in Latin America in 2021 December 6, 2021 Latin America pictures the largest conglomeration of states that jointly pose remarkable economic growth. For example, there is still a lot to do in Central America and the Caribbean. Attack traffic volume targeting specific ports and services, January through March 2021. legal frameworks and an effective oversight infrastructure to hold government surveillance and repressive powers accountable. If Latin America builds its cyber capacity, it could offer expanded skills and personnel capabilities to the United States and other developed countries currently in need of cybersecurity. Web-based malware has been one of the most effective ways for adversaries to distribute HTML and/or Java Script-based malware, using millions of malicious URLs as distribution channels. The security vulnerabilities of electronic systems and devices open a dangerous backdoor to our daily communications, movements, and lives, as well as to governments and companies critical systems and databases. However, China is a big trade partner with many countries in Latin America and could use cyber capabilities to pressure negotiations. Figure 5. According to the OAS cybersecurity observatory, most Latin American states are in the early stages of cybersecurity development. The, to government surveillance is a persistent challenge in the region. Modern enterprises need to ensure that they have up-to-date visibility into exposed services, strong authentication, and an efficient and effective patching policy.