​Latin America braces for rise in cybersecurity threats

Ransomware, ATM jackpotting and advanced targeted attacks will become a norm in the region within the next few months, according to Kaspersky Lab.
Written by Angelica Mari, Contributing Writer

Latin America will see an increase in the occurrences and sophistication of cybersecurity threats in the coming year as local criminals catch up with more advanced techniques, according to security firm Kaspersky Lab.

Outlining the current state of cybercrime in the region at its annual Latin America analyst conference in Los Cabos, Mexico, the firm's executives painted a bleak future for local organizations, who are ill-prepared to deal with developing security risks.

According to Kaspersky Lab's global research and analysis head, Dmitry Bestuzhev, there are three key developments within security that decision makers in the region should be aware of. The first is the rise of ransomware: Bestuzhev says that 30 percent of all malicious email received by users in Latin America have ransomware content, which is a radical shift from recent months where criminals focused mainly on trojan attacks.

"This year, the [cybercrime] landscape in Latin America has changed. There is a clear sign that criminals are looking to diversify their business and are moving from simply stealing credentials such as credit card information to infecting machines and getting ransom payments by using bitcoins, which is easier for the criminals as it is hard to trace the money," Bestuzhev says.

The security expert adds that a second development within cybercrime in Latin America is the local development of ransomware, particularly by Brazilian criminals.

"Most of the ransomware was previously developed in Russia and criminals from Latin America would get the license from them as well as technical support and so on - it's a real industry. But that is changing fast," says Bestuzhev.

"Brazilians have started to develop their own ransomware systems, even though they are currently inferior - but that will soon change and local ransomware will become just as advanced as the Russian equivalent," he adds, citing the detecting of one such local system for the first time last week.

Another trend is that local cybercriminals will move towards attacks that generate more profit with less effort as well as a lower likelihood of getting caught, according to Bestuzhev, with techniques such as jackpotting - malware attacks that enable crooks to drain ATMs within minutes.

Jackpotting is something that is already common in other parts of the world but the Kaspersky executive predicts it will become common very quickly in Brazil and other parts of Latin America as criminals gain access to banks' networks through their own employees and outsourcing service providers - which is worrying for end user organizations, says Bestuzhev.

"The worst thing is that [companies] won't have a choice - the risk [of critical information getting leaked] is there whether companies use an outsourcing provider or their own in-house staff. There are no options, really - companies should just assume this is already happening to them," Bestuzhev adds.

Lastly, Bestuzhev predicts a rise in advanced persistent attacks (APTs) in Latin America within organizations in general. This is another kind of threat that has been a reality for companies in other parts of the globe for some time but it is becoming a much more obvious concern in Brazil and neighbouring countries in 2016 than ever before, according to the Kaspersky executive.

"Brazil will become increasingly interesting as a target - there is a lot of scientific research going on there, with large companies with a global footprint like [aircraft manufacturer] Embraer, as well as oil and gas giants which could be vulnerable to potential security disasters," Bestuzhev says.

Kaspersky wants to position itself more as a security intelligence provider rather than just a software vendor in Latin America. The company has boosted investment in the region, particularly in Brazil - the strategy has been delivering results, as the company has become the leader in the local consumer security market and fourth in the B2B space, according to IDC.

As the Russian firm progresses with its growth strategy in Latin America, Bestuzhev points out that despite the fact that Kaspersky cooperates with local authorities and governments under "gentlemen's agreements" to provide intelligence around security, it has faced resistance from some private organizations in the region, who are reluctant to share information about their cybercrime dilemmas for competitive or regulatory reasons.

"It's not like we can go to these companies and try and help them because we know of the threats they might be experiencing - they will just say they have their own resources and don't need us," the executive says.

"But the reality is that you can't possibly have all the in-house expertise required to deal with these threats and you need expert help," he adds.

"So it's just a matter of time until they come to us."

Angelica Mari has traveled to Mexico as a guest of Kaspersky Lab.

Editorial standards