Latin America. After the recent massive ransomware attack on dozens of official entities in Colombia, experts have begun to talk about the vulnerability of governments in terms of cybersecurity.
This problem has been evidenced in the repeated attacks on public institutions throughout Latin America, a situation that contrasts with the notable state advances in areas such as digitalization ecosystems, migration to the cloud and teleworking, among others.
Since 2019, consulting firm PwC has tracked data from ransomware victims and identified at least 180 victims from the government sector and 26 cybercriminal groups in recent years.
Government agencies that have been victims of leaks or attacks receive a hard blow to their reputation, since the loss of confidential data and subsequent disclosure affects their credibility among citizens, as Oswaldo Palacios, Senior Account Executive of the company Akamai, points out.
"Although there is no way to establish the exact location, there are tools to mask the location of cybercriminals and be able to attack any target from a country other than their location. The location is presumed considering the attacked companies, language and ransom messages. Thus, the cyber police have managed to track the connections or attack centers," explains the executive.
According to the National Cybersecurity Index (NCSI), which measures the preparedness of countries to prevent and manage cyber threats, Mexico and Honduras are the Latin American countries that receive the most cyber attacks, ranking above countries such as Jamaica, Argentina, Panama, Chile and Peru.
Key security actions
Given the seriousness of the phenomenon, companies such as Akamai recommend that government authorities take a series of measures to prevent ransomware cyberattacks, such as the one that occurred in mid-September in Colombia.
- Have a response plan that allows the State to create a set of well-defined processes for its cybersecurity team to follow as soon as an incident is discovered.
- Apply least privilege so that attackers cannot easily take over devices, escalate their permissions and break into identity stores to move laterally.
- Use strong passwords and two-factor authentication, which adds an extra layer of security that complements the password.
- Perform vulnerability tests, which allow government agencies most at risk of cyberattacks to benefit from assessments, making their environments more secure.
- Perform accurate analysis and assessment of critical infrastructure. There are solutions that achieve better visibility across platforms agnostically, rather than having to run multiple systems.
- Modern software-defined segmentation is the easiest way to reduce the blast radius of an attack without making changes to the IP address or VLAN, as it allows critical applications to be isolated.
Oswaldo Palacios stressed that in the absence of a National Cybersecurity Agency in most countries in the region, the creation of such an entity is a priority as a fundamental component to prevent cybercrimes and protect critical infrastructure.

