In recent years, cybersecurity has become a significant issue that affects governments, companies, and citizens alike. The increasing dependence on technology and the digitization of essential processes have brought about a new kind of threat that impacts all citizens equally. Their data is at risk if it falls into the wrong hands. Therefore, regardless of whether countries are developed or not, they need to implement measures to safeguard citizens’ data.
Cybercriminals are constantly looking for new ways to make their attacks even harder to predict, aiming to ask for substantial sums of money in exchange for the recovery of citizens’ data. Latin America, as one of the regions undergoing significant digital development during the last years, is not immune to this phenomenon. Additionally, it faces unique cybersecurity challenges, some of which are not present in other countries. These challenges include not only a lack of economic resources and training of public employees, but also the vulnerability of government institutions. Political issues further complicate these vulnerabilities, making their systems even more exposed to cybercriminals all over the world.
Real cases of cybersecurity attacks in Latin America
In one of the Central American countries, specifically in Costa Rica, there was a significant cyber-attack that drew the attention of other countries across the region in 2022. A Russian hacker group known as Conti managed to breach the Ministry of Finance’s systems, launching a series of events that exposed the country’s digital defences’ fragility. The hackers encrypted systems and demanded a ransom for their release, effectively affecting government operations and revealing vulnerability even in the most critical sectors. The impact rippled from tax collection to healthcare and public services. The hackers also sold Costa Rican citizens’ data on the dark web.
The crisis showed the urgent need for a robust cybersecurity strategy and highlighted the increasing importance of addressing digital challenges across the Latin American region. Some days after, as the government resisted paying the demanded amount, the hackers, as part of the ransomware strategy, proceeded to target other government institutions. Ultimately, the beginning of tensions between Russia and Ukraine and the war led the hackers to stop as the Conti group separated, this let the government recover some of the data and protect it but showed the importance of having a plan against this. Spain and other countries helped Costa Rica to get access to some of the information and to protect it.
Other countries affected
From Mexico to Argentina, cybercriminals have taken advantage of vulnerabilities in digital security to gain access to public and private institutions. The cases are on the rise, such as the incident that occurred in Brazil, where the judicial system suffered 13 consecutive attacks between 2020 and 2022. This series of attacks not only exposed the vulnerability of the judicial infrastructure in this country, but also the risk of essential evidence being lost or destroyed.
Argentina, on the other hand, faced an intrusion into its Civil Registry that resulted in the leakage and sale of personal data on the dark web, as it happened in Costa Rica. The attack on the country’s largest internet provider, which is Telecom Argentina, in July 2020, compromised 18,000 workstations and highlighted the exponential growth of cyberattacks in the country and Latin America.
Another example of weak cybersecurity in Latin America is the cross-border attacks that have occurred. The hacker group known as « Guacamaya, » named after a well-known bird in Central America, has targeted military institutions and mining companies in Colombia, Guatemala, and Chile. These attacks, which involve data leaks and service disruptions, that aim at socio-economic and political issues. The political climate in the region, which often affects human development in the region, also facilitates these attacks.
What are countries doing to protect themselves?
Some countries, such as El Salvador, have found it necessary to form agreements with companies to enhance their digital services. In August 2023, Google Cloud and the government of El Salvador will begin collaborating to place cloud technologies at the core of the country’s modernization efforts in three distinct areas: digital governance, healthcare, and education. El Salvador will utilize Google Distributed Cloud (GDC) as the foundation for this transformation. This will make El Salvador the first Latin American government to utilize this cloud tool. Google Cloud will assist the government not only in designing and implementing a cybersecurity strategy but also in providing tools for faster detection, investigation, and elimination of threats.
Other countries are also doing their part but plans against cybersecurity attacks should be implemented faster, Unfortunately, Latin America is the least prepared region in the world when it comes to cyberattacks, according to the latest edition of the Global Cybersecurity Index by the United Nations International Telecommunication Union. According to the index and other studies, the region falls even behind Africa and South Asia in areas like capacity building and the implementation of legal measures necessary to upgrade its defences against cyberattacks. Meanwhile, Latin America remains a particularly attractive target region for hackers and other digital criminals.
Sources:
https://www.elsalvador.com/noticias/nacional/google-podria-abrir-oficinas-en-el-salvador/1086253/2023/
https://www.eltiempo.com/tecnosfera/novedades-tecnologia/ciberseguridad-uno-de-los-frentes-mas-debiles-de-america-latina-799745