As seen in Security News Desk Americas.
July 3rd 2020 by Editor
As the cyber world offers more possiblities, our data flows to the internet, making our personal and business information vulnerable to cyberattacks.
Sometimes not even the most top-notch cybersecurity systems can keep attackers at bay. Pretty scary stuff, huh?
Cybersecurity has been a growing issue worldwide for quite a while now. Thankfully, new technologies such as blockchain are surfacing and help securing our data.
The cybersecurity landscape
Two out of three businesses are victims of cyberattacks. All the while, 91 percent had up to date cybersecurity software when the intrusions happened, according to this year’s survey The Impossible Puzzle of Cyber Security by Sophos.
In Mexico, Colombia and Brazil, which participated in the survey, 33 percent of significant cyber attacks came via email. Another 30 percent transpired through malicious websites, 23 percent via software, and 14 percent from external devices.
Such a spectrum of attacks is one of the biggest issues surrounding cybersecurity. These sorts of crimes come from different sources, leaving organizations vulnerable in more than one way.
Nowadays attacks are also “multi-staged, coordinated and blended.” This means that cyberattacks spread, making it harder to stop them and demanding more from IT teams every day.
Types of cyberattacks
As described by Cisco, “a cyberattack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization.”
The most common types of cyberattacks are phishing, data breaches, malicious codes, software exploits and ransomware. Here’s the low-down:
Phishing
The main purpose of this attack is to steal user data. Attackers may appear to be trustworthy when reaching out to the victim via email, text or instant message. All of this changes once the victim clicks a malicious link that leads to malware and ransomware attacks, though.
“El Machete” was a phishing cyberattack orchestrated by the Russians that affected several Latam countries. Victims would receive an email containing a porn powerpoint presentation. As soon as they opened the file, their computers were compromised.
The attack targeted embassies, intelligence, and military services, among other official institutions. Kaspersky Labs, a cybersecurity firm from Moscow, claims to have discovered the threat. Some of the affected countries were Peru, Venezuela, Cuba, Colombia, and Ecuador.
Data breach
This type of attack happens when protected and confidential information is exposed to a third party. Sometimes it’s sold for economic or malicious purposes. Once inside, hackers have a free-for-all with the information available.
Back in 2017 28 million users from Taringa! were victims of a data breach. Attackers got hold of emails and passwords. Taringa! then asked users to change their passwords and email for security measures. The worst part is, apparently the site barely even had any security for the accounts.
Malicious code (malware)
Basically, malware is any code with bad intentions. Internet users often suffer from malware through email, web content, altered “legitimate” sites, file downloads and push content.
In December 2018 over 2 thousand android users in Brazil received an attack by a malware virus. The trojan came disguised as an app on Google Play that supposedly monitored Android based services through WhatsApp. When active it would gain access to accessibility features and then gain entrance to people’s bank accounts.
Software exploits
Exploits are mistakes in software that give cyberattackers a “window” of opportunity. Hackers use these vulnerabilities to go into your system and plant a virus or any type of attack whatsoever. Once they’re in, you won’t notice until its too late.
There’s a civil case open against NSO Group, an Israeli surveillance company, to protect Mexican journalists’ human rights. The journalists were investigating drug cartels and were, therefore, targeted.
NSO’s Pegasus malware infiltrated their phones through a WhatsApp vulnerability. There were also reported attempts to install the malware on the lawyer’s phone.
Apparently introducing spyware through the app’s phonecall feature was also possible. Fortunately, everything is fixable with the new update. Keeping this in mind, this is why it’s crucial to perform software updates. By updating, you’ll be patching up the holes that might let cybercriminals in.
Ransomware
As the name states, this type of cyberattack requires you to pay a ransom to get your files and data back. Ransomware derives from malware. It can come via a phishing email, push content, file downloads, etc.
When active, it causes your software or computer programs to malfunction. Also, access to any files is denied until the ransom is paid.
In 2017 a massive ransomware attack took place. Over 74 countries were affected and Latin America was very much part of it.
The cybercriminals used technology from the N.S.A. to reach that many people. Everything started with a phishing email, later spreading around by hacking.
When in control, attackers demanded a ransom of 300 bitcoins or higher. Failing to pay the ransom resulted in the destruction of those files.
Threats in Latin America
Cyber threats affect Latin America as much as any other part of the world. Thanks to that, the cybersecurity industry market is developing and growing its own regional solutions.
AsThe Economy Journal states, the US$1 thousand billion-dollar cybersecurity industry in Latin America expects to receive US$12 thousand million on investments in the years to come. 10 percent of the investment is expected to take place in 2019. However, this is no surprise.
A security report on Latin America provided by ESET talks about how cyberattacks have increased in the region. According to the brief, three out of five Latin American businesses have suffered a cyberattack. Peru had the highest detection rate, followed by Mexico, Argentina, Brazil, and Colombia, respectively.
Usually, the leading concern would be malicious code. However, in 2018 ransomware took the crown. That rise in ransomware crimes is due to how cheap it is for attackers to facilitate these types of assaults.
Overall, 57 percent of companies received ransomware attacks. 55 percent of businesses suffered from data breach and, last but not least, malware affected 53 percent of organizations.
Based on the information mentioned above, the question persists: What are Latin American organizations doing to protect themselves?
Improved security through blockchain
As Latin America grows both economically and technologically, cyber-related crimes have increased as well. Needless to say that cybersecurity strategies must be developed and implemented to keep enterprises safe.
According to The Fair Observer, “a joint report by Microsoft and the OAS released in March 2018 estimates that the cost of cybercrime has reached US$8 billion in Brazil, US$3 billion in Mexico, and US$464 million in Colombia.”
One of the growing preventative trends regarding tech and cybersecurity is blockchain. The way Blockchain technology encrypts data makes it almost impossible for hackers to access it. That’s why the number of startups implementing it keeps growing.
A perfect example is a Mexican startup, Delta Protect. The company provides its clients with cybersecurity applications using blockchain technology. Also, CoinFabrik, a Brazilian startup that specializes in cryptocurrency security software, is a good example of technology applied in the region.
Additionally, there’s VU Security, a double-factor authentication solutions software from Argentina. These are just some of the Latin American startups securing Latin America’s cyber-landscape.
Thanks to the growing startup ecosystem, Latin America has a chance of fighting back cyber attacks. There’s no doubt that both businesses and individuals can be victimized by cybercriminals. Effective use cases of technologies like blockchain will definitely improve the region’s cybersecurity game.
Original article available at http://americas.com/cyber-attacks-latin-america/