A recent report by Trend Micro has highlighted the steep rise in cyber crime originating and targeting Latin America and the Caribbean. The report was prompted by what TrendMicro call “incomplete” knowledge of the cyberthreat landscape in the two regions.
The report, which comes as the use of technology and the internet has increased in these regions over recent years, brought to light the opportunistic tactics of cyber criminals who prey on newly emerging technologies before they have been adequately protected. It also highlighted that many countries in the two regions do not have adequate security threat detection or defences and so many incidents go either unnoticed or unabated.
The study threw up some interesting results. For example, between the countries included in the study, the increase in incidents from 2011 to 2012 ranged from 8% to 40%, however, some countries reported a decreased number of incidents overall. Some countries’ national cyber security organisations stated that their individual results may have been skewed in many cases by improved detection results, this is emphasised by the fact that countries with newly established cyber security agencies have some of the highest increases in threats detected. Trend Micro stated that these types of results “reinforced the notion that attacks had been occurring all along but had simply gone undiscovered or undocumented”.
The main emphasis of the report is on the relatively underdeveloped cyber security setup of the two regions. This is not altogether surprising as you would expect from two regions largely made up of developing nations. As computers and other types of technology, such as mobile devices, become more popular, more and more people are becoming exposed to what is already a very sophisticated and developed cybercrime landscape. The techniques being used to target business, such as banks, and individual users are nothing new, and have been seen in many developed countries for a number of years. The crucial difference is many governments and institutions in the Caribbean and Latin America have not invested in their cyber security strategy as much as other parts of the world, either because of a perceived lack of threat, or lack of resources.
However, the report does mention that threats from hacktivist groups did in fact inspire some governments to rapidly invest in their internet defences. The report mentions two participating countries were threatened with action by political groups, which “motivated both governments to implement plans of action to mitigate and respond to potential attacks.” These threats were never carried out but they did bring about cooperation between what Trend Micro call “key stakeholders”, namely law enforcement agencies, ISPs and an infrastructure operator which helped improve the countries’ “national cyber resilience”.
As a whole, hacktivism was still relatively low as motivation for hacking and general misuse of the internet. Monetary gain was still the most common reason for cybercrime, with hackers targeting financial and personal details to be used on the international black market. The report does make a startling claim, that in 2012 the “economic impact and loss hacking caused…is likely greater than the loss caused by any other form of crime, including drug trafficking.”
The report concludes by saying that all of these factors, as well as many others detailed in the report lead to an inadequate “awareness of the problem” and “continued vulnerability” for the two regions. There is no doubt that in time more investment will be made in the cyber security strategies of these regions but until this is done, the regions will continue to be hit with wave after wave of hacking attack.