Colombia. Latin America registered more than 66,000 cybersecurity incidents during the first half of 2025, according to the State of Cybersecurity in Ecuador, Colombia and LATAM 2025 report, prepared by GMS Seguridad. Of that total, Colombia accounted for 25%, equivalent to 16,500 incidents, which means that one in four cyberattacks in the region targeted the country.
The study reveals that 70% of the attacks were multi-vectorial, that is, they combined different techniques such as identity theft, data theft and system hijacking, in order to increase their effectiveness and evade defense mechanisms. The most affected sectors in Colombia were finance, telecommunications, government, retail and health, all with a high level of digital exposure and critical operations.
"The fact that Colombia concentrates a quarter of the cyberattacks in the region reflects not only the level of digitalization of the country, but also the urgency of strengthening our prevention and response capacities. This data should be seen as an opportunity to accelerate cybersecurity maturity and better prepare organizations for the threats that will continue to evolve," said Alejandro Navarro, general manager of GMS Security in Colombia.
The report warns that one in four incidents registered in the country had a high level of criticality, and in several cases the information was stolen in less than five hours; In one in five attacks, data was compromised in less than an hour.
Among the most common modalities, hyper-realistic phishing – fake messages, emails or websites that accurately imitate legitimate sources to deceive users – and polymorphic malware, malicious software that continuously modifies its code to evade detection systems and remain hidden within networks, stand out.
"Artificial intelligence has made cyberattacks increasingly sophisticated and fast, making it easier for users to be deceived with false messages, images or environments. At the same time, it has become a key tool for reducing response times and anticipating attacks before they cause damage. The difference is in how it is used and how prepared the organization is to react quickly," Navarro added.
However, the report points out that Colombia faces structural limitations that reduce its capacity to respond to the increase in cyberattacks. These include a shortage of specialized talent, low investment in advanced infrastructure, and a lack of clear regulatory frameworks on the ethical and strategic use of technologies such as artificial intelligence. These gaps increase vulnerability, especially in organizations without dedicated digital risk management areas.
Finally, GMS Security recommends that organizations implement multi-factor authentication, strengthen cloud security, consolidate monitoring systems, and conduct periodic incident response drills. On an individual level, users should verify the authenticity of messages before clicking, keep their devices up to date, turn on two-factor authentication, and be wary of communications that seem too urgent or perfect to be true.


