As cyberattacks rise and countries begin to implement personal data protection and cybersecurity laws, Latin American companies are coming under pressure to take action to guarantee information security.
“In the face of incidents, it’s common for organizations to reevaluate and increase their investments in digital security measures,” Norberto Milan, VP of sales for Latin America at security company Palo Alto, told BNamericas.
“Lots of companies and governments are likely to increase their cybersecurity budgets to prevent future attacks and mitigate potential damage,” the executive added.
Data from consultancy Mordor Intelligence suggest that the cybersecurity market in Latin America will grow to US$8.92bn in 2024 and grow at a rate of 6.95% annually until 2029 when it reaches US$12.5bn.
Although companies in Latin America often have budget restrictions, personal data protection legislation in Brazil, Mexico and Chile is driving investment in cybersecurity and the adoption of security practices such as the ISO 27001 standard.
“However, it’s important to note that increased investment doesn’t guarantee protection against cyberattacks. The ever-evolving nature of digital threats means organizations must take a proactive, layered approach to protecting their assets, which may include investments in advanced security technologies, employee training, regulatory compliance and incident response practices,” Milan added.
THE SITUATION IN LATIN AMERICA
During 2023, there was exponential growth in ransomware attacks, where the attacker holds the organization’s data hostage with the aim of collecting a ransom.
Brazil was the country in the region that saw most of these cybercrimes with 63 incidents last year, followed by Mexico with 44 and Argentina with 23. Chile was fourth on the list with 21, according to data from the cyber intelligence center (CCI) of Entel Digital.
Last year, an IT services company in Chile, and Argentina’s national securities commission, as well as its national institute of agricultural technology and the Jockey Club, among others, suffered attacks with ransomware from the Medusa family.
In early 2024, Medusa also affected Digitel networks in Venezuela.
“One of the characteristics of the Medusa family is that it carries out several actions together to intimidate its victims, such as the selective deletion of data, the extension of the ransom period or the complete download of compromised information, each associated with a variable price,” Milan added.
The group also leaks information through Telegram channels.
In Chile, telco GTD suffered a ransomware attack, although it was not Medusa but Rorschach or BabLock, according to the computer security company Eset.
In Colombia, telecommunications provider IFX also suffered a significant ransomware incident that affected more than 700 organizations, including the judiciary, the health superintendency, the securities market regulator, and the trade and industry regulator, among others. At the time it was not revealed whether Medusa was also involved in the attack.
Similar events have been reported in other countries in the region such as Mexico and Peru.
In Paraguay, telecommunications operator Tigo also suffered a cyberattack in 2024 that is thought to have been ransomware.
According to Palo Alto, ransom demands have seen a significant increase, rising to an average US$350,000 in 2023.
OUTLOOK TOWARDS 2024
The Entel Digital report foresees a significant increase in the use of artificial intelligence and automation to detect and respond to cyberthreats, as well as the development of more sophisticated and specific security strategies to face dangers in IoT devices and hybrid work environments.
However, the same technology used for protection is what criminals use to carry out attacks. Palo Alto expects a significant increase in vishing (voice phishing) operations powered by AI-based voice chatbots, which use deepfake audio and advanced large language models (LLMs) to create compelling, hard-to-detect interactions.
In Latin America, there are also emerging risks due to attacks with malicious QR codes.
The increase in IoT devices also creates new challenges for cybersecurity by increasing the area vulnerable to attack.
Data from Unit 42 shared by Palo Alto shows that 85% of companies maintain remote desktop access protocol (RDP) for at least 25% of the month, which leaves them exposed to ransomware attacks or unauthorized access.