Latin America. A 24% increase in cyberattacks in Latin America occurred during the first eight months of this year, according to a report by Kaspersky's Research and Analysis team and presented through its annual report called "The Threat Landscape in Latin America 2021.
The report takes into account the 20 most popular malware, which account for more than 728 million infection attempts in the region—an average of 35 attacks per second. The conclusion of the specialists is clear: the security of technologies for remote work must be a priority and piracy, both on personal and professional devices, must be eradicated.
The growth trend in cyberattacks is also reflected in all countries, with the exception of Costa Rica, which registered a slight increase of 2%. The list of countries is led by Ecuador (+75%), followed by Peru (+71%), Panama (+60%), Guatemala (+43%) and Venezuela (+29%). In total, only the Top20 malware in the region generates an average of 35 attacks per second. In this context, Brazil leads the region with more than 1,390 infection attempts per minute, followed by Mexico (299 per minute); Peru (96 per minute), Ecuador (89 per minute) and Colombia (87 per minute).
For Dmitry Bestuzhev, director of Kaspersky's Research and Analysis Team for Latin America, the high rate of pirated programs in the region is a major driving factor for cybercrime. "When we analyze the blockades made by our technologies, we can identify malware families that allow us to say that Latin American Internet users open the door to cyberthreats, as they spread through pirated programs, allowing cybercriminals to obtain full control of infected devices," he explained.
The expert also emphasizes attacks that use PDF files and web Trojans that steal credit card data. "The interesting thing about these web attacks is that they don't infect the victim's machine. The malicious code is present on the website of some e-commerce or bank and the theft is done when the user enters their information on these sites," he explained. Bestuzhev also highlights that these web attacks have become the main vector of infection, both for users of the Windows and Mac operating system. In the case of MacOS, the analyst highlights that malicious adware and cryptocurrency mining are among the main threats to this operating system.
A curious thing that the Threat Landscape in Latin America 2021 revealed is that phishing attacks (fraudulent messages) have decreased. However, several countries in the region are among the most attacked in the world. Considering the proportion of users attacked during the first eight months of the year, Brazil is in first place with 15.37% of users who registered an attack attempt. It is followed by Ecuador (13.36%), Panama (12.60%), Chile (11.90% and Colombia (11.09%). It should be noted that Venezuela (7.19%) and the Dominican Republic (5.62%) are among the countries with the lowest number of social engineering attacks worldwide.
Another point revealed by the report is that the most common threats to Latin American netizens are focused on mobile platforms. According to the report, more than 173,000 attempts to infect mobile devices were recorded in the region between January and August this year – an average of nearly 20 attacks per hour. The main threat is adware programs that aim to generate profits by showing unwanted ads to their victims. However, the analyst points out that among the most prominent mobile threats are Trojans that raise privileges and allow rooting the phone, a function that grants full access to the device, and trojan spies (stalkerware).
"We classified commercial spyware as stalkerware. These are created by real companies that pass off the software as programs to monitor the online activities of children or employees. However, their real goal is to spy on spouses and partners, mainly women. This is a global problem that is related to violence against women," Bestuzhev said. At the beginning of the year, Kaspersky published a specific report on stalkerware, a threat that registers more victims in Brazil, Mexico and Peru.
Threats to companies
The analysis of the Threat Landscape 2021 in relation to the corporate environment indicates that companies did not migrate securely to remote work. Bestuzhev noted that the remote access technology required for the Home Office is not protected, leaving companies exposed to cyber threats.
"This type of attack exploits vulnerabilities present in remote access technologies or attempts to guess passwords to access an Internet-connected machine or server and enter the corporate network to steal data or extort money from its victim. Comparing the first eight months of 2021 with the same period last year, we see a 78% increase in these types of attacks," Bestuzhev said. The most attacked countries are Brazil (more than 5 million attack attempts this year), Colombia (1.8 million), Mexico (1.7 million), Chile (1 million) and Peru (507 thousand). The report also highlights that Costa Rica (378%), Venezuela (113%) and Argentina (91%) are the countries with the highest growth in PDR attacks compared to last year.
Another important factor in the business environment is piracy. The Threat Landscape analysis shows that the use of pirated software is present on Windows system workstations as well as on industrial operating systems. "Unfortunately, the vast majority of industrial systems are not up to date. That is, by using pirated programs, they do not receive the official security patches. As a result, we see wannaCry ransomware still circulating throughout industries, even after four years of the patch being issued," Bestuzhev said. In addition, the report shows that, on average, there is one attempted attack on industrial systems per hour in Latin America. As for Windows workstations, the cybersecurity company records more than 11,000 attacks per hour. Among the most common threats to Microsoft's operating system is a Trojan developed to steal business assets through diversion of funds, stalkerware, and remote administration tools.
Hacking is also present on servers, which often store all company information. "So far this year, we have blocked more than 1,000 attack attempts per hour against Windows servers in the region and recorded malicious cryptocurrency mining and WannaCry among the most popular threats. However, most worrying are the side-scrolling tools that indicate the existence of a targeted ransomware attack. These attacks have already grown by more than 700% this year," he explained.
Finally, the director of the research and analysis team released the statistics of attacks against Linux systems. According to the cybersecurity company's Threat Landscape 2021, 75% of the crashes occurred on Linux servers and the rest focused on virtualized environments. "The main threat to this operating system is malicious mining, Trojans created especially for this platform. Another highlight is the Javali Trojan, which is part of Tetrade, families of Brazilian Trojans that have expanded throughout Latin America and Europe, with an eye on financial theft."
Source: Kaspersky.
