Trend Micro, working with the Organization of American States, has released a study outlining the current state of cyber security in Latin America. The joint paper is titled Latin American and Caribbean Cybersecurity Trends and Government Responses. The region has a threat landscape that differs from other parts of the world with key differences in the threats seen, the cybercrime underground, and the ability of governments to respond. (We have also created an infographic that looks at the broader cybercrime underground, which can be found here.)
Looking at the feedback provided by the Smart Protection Network, the most common threat in the Americas and the Caribbean was file infectors, as this chart of the top malware threats in 2012 illustrates:
Figure 1. Top Malware Threats in 2012
The continued prevalence of old threats like file infectors is an indicator of a population’s lack of awareness in safe computer and internet usage.
As part of the study, we surveyed representatives from various OAS member-governments. Their responses revealed that citizens remain unconcerned and unaware of the dangers of cybercrime and hacking. Internet users in Latin America do not always keep their anti-malware solutions up-to-date and pay little attention to security concerns.
This may prove problematic in the long run, considering that internet use is increasing at one of the highest rates worldwide. As is happening now, unsafe use of the Internet is feeding the high levels of cybercrime in Latin America.
The region’s threat landscape is filled with organized groups led by a mix of political and financial motives. What makes it stand out are the new techniques and malware that allow attackers to target industrial control systems (ICS), which are critical for the smooth operations of essential services like utilities, banks, and water-purification plants.
On the other hand, the cybercriminal underground remains bent on retrieving sensitive information and profiting with the help of banking Trojans and botnets. The Latin American situation, however, has altered, probably in answer to Eastern Europe botnet crackdowns. For instance, the region’s threat actors use free hosting services instead of hijacked servers to evade law enforcement operations. They also trade cybercrime tools and stolen information over social networks and chat services, most notably Orkut and IRC.
Figure 2. Ads for tools and information
Governments in Latin America realize these dangers and are taking steps to protect their users and critical infrastructures. However, survey responses indicate that measures against cybercrime remain patchy and uneven across the region. Many OAS member states began their cybersecurity efforts by establishing Computer Security Incident Response Teams (CSIRTs) as part of their cybersecurity strategy, as in the case of Colombia and Panama. Other countries like Chile, Peru, Mexico, Trinidad and Tobago, Uruguay, and others are endeavoring to do the same.
On the whole, political leaders are aware of the dangers of cybercrime and hacking but efforts are often restricted by the lack of resources dedicated to building cybersecurity capacity and shortage of specialized knowledge and expertise to implement technical policies.
The study includes three recommendations for governments and organizations in the region to help improve the state of cyber security. These are:
- Raise awareness of safe cyberhabits and general cybersecurity awareness among Internet users, critical infrastructure operators, and government employees, a cheap and effective way to minimize cyber risks and close security gaps that remain wide open.
- Invest in and promote enrolment in technical-degree programs to ensure an ample pool of qualified candidates from which to draw professionals that will be needed to fill the increasing number of information security careers.
- Continue strengthening policy mechanisms to assign governmental roles and responsibilities related to cybersecurity and codifying information-sharing and cooperation mechanisms.
You may read the full paper here. For Spanish-speakers, you may also read the full paper in Español.
We’re trying to make the Security Intelligence Blog better. Please take this survey to tell us how.