In recent times there has been an increase in cyber threats. The increase in digitization has increased the potential attack surface, which implies new security attacks.
In Latin America, organizations have been victims of cyberattacks, on average, about 1,586 times per week in the last six months, according to data from the cybersecurity company Check Point Software.
In Colombia, specifically, attacks on companies occur 2,387 times a week, which places it in the east as the third most attacked country in Latin America, after Bolivia and Jamaica.
Particularly noteworthy is the increase in malware attacks that hijack and encrypt data, known as ransomware. According to the aforementioned report, there was a 14% year-on-year increase so far in 2022 in such threats around the world: 1 in 60 organizations are affected by ransomware attacks on a weekly basis.
“Cyber attacks continue to grow at an alarming rate, in volume, sophistication and impact. In this age of too much cybercrime, the need to protect organizations from advanced attacks is more important than ever. Companies must use pioneering technologies to remain protected. Due to this scenario, organizations must prioritize prevention if they want to combat this growing threat,” explains Ray Jiménez, vice president for Latin America at Check Point Software.
Digital transformation efforts have dramatically accelerated as companies embrace hybrid and remote working. This new virtuality brought with it new challenges in terms of cybersecurity, as evidenced by the numbers shared in this report.
A new chapter in the ransomware ecosystem
Over the last five years, ransomware operations have been transforming. They went from being random email threats to organized attacks, targeting organizations around the world.
The report found that the Threat groups around the world are using Russian/Ukrainian-themed documents to spread malware and lure victims into cyber espionage.
Depending on the targets and the region, cybercriminals are using lures ranging from official-looking writing to news articles and job postings.
The researchers believe that the motivation for these campaigns is cyberespionage, the purpose of which is to steal sensitive information from governments, banks and energy companies. Attackers and their victims are not concentrated in a single region, but are spread across the globe, including Latin America, the Middle East, and Asia.
In addition to the war between Russia and Ukraine, Russian ransomware group Conti threatened to topple Costa Rica’s newly elected government with a cyber attack Y asked for a ransom of USD 20 million to get a decryption key to unlock the hacked systems.
From these attacks, the group Conti takes triple extortion to a new level, attempting to intervene in the internal affairs of a sovereign country. This event probably started out as a regular tactical ransomware attack event, but quickly evolved into a new type of event that has significant financial and geopolitical consequences.
Peru is another victim of extortion by the Conti group. The public stage of the extortion attack against that country began on May 7 and it currently focuses on two key government entities: the Ministry of Finance and the General Directorate of Intelligence. The extortion against Peru is an ongoing event, and is currently in much earlier stages than the event against Costa Rica.
“These recent massive ransomware attacks in Costa Rica and Peru, both allegedly carried out by the infamous Conti ransomware group, show us that the Conti attacks are in line with what we have been saying for some time: Ransomware attacks are on the rise, with double and triple extortion, and are increasing to the point that countries are brought to a standstill. Governments and organizations simply can no longer afford to settle for second best security,” says Francisco Robayo, Engineering Leader for Latin America at Check Point Software.