• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Bad Sites   »   The State of Cybersecurity in Latin America

The State of Cybersecurity in Latin America

  • Posted on:May 3, 2013 at 2:30 am
  • Posted in:Bad Sites
  • Author:
    Trend Micro
0

Trend Micro, working with the Organization of American States, has released a study outlining the current state of cyber security in Latin America. The joint paper is titled Latin American and Caribbean Cybersecurity Trends and Government Responses. The region has a threat landscape that differs from other parts of the world with key differences in the threats seen, the cybercrime underground, and the ability of governments to respond. (We have also created an infographic that looks at the broader cybercrime underground, which can be found here.)

Looking at the feedback provided by the Smart Protection Network, the most common threat in the Americas and the Caribbean was file infectors, as this chart of the top malware threats in 2012 illustrates:

Figure 1. Top Malware Threats in 2012

The continued prevalence of old threats like file infectors is an indicator of a population’s lack of awareness in safe computer and internet usage.

As part of the study, we surveyed representatives from various OAS member-governments. Their responses revealed that citizens remain unconcerned and unaware of the dangers of cybercrime and hacking. Internet users in Latin America do not always keep their anti-malware solutions up-to-date and pay little attention to security concerns.

This may prove problematic in the long run, considering that internet use is increasing at one of the highest rates worldwide. As is happening now, unsafe use of the Internet is feeding the high levels of cybercrime in Latin America.

The region’s threat landscape is filled with organized groups led by a mix of political and financial motives. What makes it stand out are the new techniques and malware that allow attackers to target industrial control systems (ICS), which are critical for the smooth operations of essential services like utilities, banks, and water-purification plants.

On the other hand, the cybercriminal underground remains bent on retrieving sensitive information and profiting with the help of banking Trojans and botnets. The Latin American situation, however, has altered, probably in answer to Eastern Europe botnet crackdowns. For instance, the region’s threat actors use free hosting services instead of hijacked servers to evade law enforcement operations. They also trade cybercrime tools and stolen information over social networks and chat services, most notably Orkut and IRC.

Figure 2. Ads for tools and information

Governments in Latin America realize these dangers and are taking steps to protect their users and critical infrastructures. However, survey responses indicate that measures against cybercrime remain patchy and uneven across the region. Many OAS member states began their cybersecurity efforts by establishing Computer Security Incident Response Teams (CSIRTs) as part of their cybersecurity strategy, as in the case of Colombia and Panama. Other countries like Chile, Peru, Mexico, Trinidad and Tobago, Uruguay, and others are endeavoring to do the same.

On the whole, political leaders are aware of the dangers of cybercrime and hacking but efforts are often restricted by the lack of resources dedicated to building cybersecurity capacity and shortage of specialized knowledge and expertise to implement technical policies.

The study includes three recommendations for governments and organizations in the region to help improve the state of cyber security. These are:

  1. Raise awareness of safe cyberhabits and general cybersecurity awareness among Internet users, critical infrastructure operators, and government employees, a cheap and effective way to minimize cyber risks and close security gaps that remain wide open.
  2. Invest in and promote enrolment in technical-degree programs to ensure an ample pool of qualified candidates from which to draw professionals that will be needed to fill the increasing number of information security careers.
  3. Continue strengthening policy mechanisms to assign governmental roles and responsibilities related to cybersecurity and codifying information-sharing and cooperation mechanisms.

You may read the full paper here. For Spanish-speakers, you may also read the full paper in Español.

We’re trying to make the Security Intelligence Blog better. Please take this survey to tell us how.

Learn how to protect Enterprises, Small Businesses, and Home Users from ransomware:
ENTERPRISE »
SMALL BUSINESS»
HOME»
Tags: cybercrimeLatin AmericaOASthreat landscape

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Recent Posts

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits
  • August Patch Tuesday Fixes Critical IE, Important Windows Vulnerabilities Exploited in the Wild
  • Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.