Cybersecurity Forecast 2022 for Latin America

In 2019 there were 42 malware attacks per second in Latin America, with a 13% year-on-year growth.

Cybersecurity Forecast 2022 for Latin America
Latin America's Cybersecurity Outlook for 2022 Photo by Jefferson Santos / Unsplash

For Kaspersky, the use of social networks for disinformation campaigns, the theft of keys on entertainment platforms, worms related to support for Windows 7, the increase in attacks on banks, the resurgence of ransomware and APTs, and the expansion of SIM Swapping, are among the threats that will plague the region in the coming year.

Santiago Pontiroli, an analyst at Kaspersky, noted that in 2019 there were 42 malware attacks per second in Latin America, with a 13% year-on-year growth. Likewise, he explained that the company detected 6.4 mobile malware per minute in the last 12 months, where Argentina appears behind the main markets in the region in terms of the number of attacks.

Regarding phishing, the specialist highlighted the strong presence of countries in the region in the global ranking. According to Kaspersky's experts, during the next year, we will witness the resurgence of attacks such as targeted ransomware and those focused on supply chains, as they have proven to be very lucrative and have a greater impact on attackers.

In addition, the social situation in several countries in the region will encourage the use of social networks for the manipulation of public opinion and disinformation, something we have already witnessed in recent months. Similarly, attacks carried out by both local threat agents and those based in other regions, but with an eye on Latin America, will lead to new challenges, even for those countries in the region where high-profile cyber-crime incidents are almost non-existent.

Cybersecurity forecast for Latin America

1. Manipulation of opinion via social networks Over the next year we will see even more examples of the use of social networks for the propagation of campaigns for misinformation and manipulation of popular opinion. Although we have already registered cases related to this issue, there is still no research that shows the main actors and the way they use the mass media to spread "news". The level of orchestration of such attacks will reach a prominent sophistication.

2. Infections via attacks on supply chains We anticipate that companies in the region dedicated to mass production of the software will become targets of such attacks. The level of maturity in cybersecurity of many of these companies, for example, those producing accounting software, is quite low. However, the market penetration of the software produced by these companies is often significant, which for cybercriminals would represent a high-impact attack with minimal investment.

3. Worm-like attacks, exploiting vulnerabilities in Windows 7 Since technical support for this system will end on January 14 next year and, according to Kaspersky's data, about 30% of users in the region still use it daily, cybercriminals will exploit the unpatched security holes in this OS to attack users, just as they did with Windows XP.

4. Theft of credentials related to entertainment sites With the growing popularity of streaming services (Netflix, Spotify, Steam) and the launch of new services (Disney+, HBO Max), it is clear that this type of crime will increase, as credentials sold in illegal markets will be a commodity among cybercriminals.

5. More bitcoin-related scams. Not only will there be an increase in attacks known as sextortion, where the victim is accused of having seen pornographic material on their computer and is threatened with public exposure, but also more elaborate scams to raise funds through phishing targeting users of buying and selling sites, as well as a cryptocurrency exchange.

6. Increase in attacks on financial institutions. Not content with attacking customers of financial services, cybercriminals now seek to compromise the banks themselves or any institution or organization that offers this type of service, such as correspondents or transaction hubs, as has recently been observed in Brazil, Mexico, and Chile. These types of attacks will continue in Latin America, carried out both by local cyber-criminal groups and by international groups such as Lazarus and Silence, which will increase their presence in the region.

7. Ransomware resurgence and more targeted attacks Next year, instead of demanding money for the decryption of information, we will see an increase in extortion campaigns, where the victim will be forced to pay a ransom so that their information will not be leaked into the public domain. This will be particularly problematic for hospitals, law firms, and accountants, as well as any entity handling regulated third-party information. Additionally, certain cyber-criminal groups will choose high-profile targets, where the impact of the attack and media interest may compromise the operation and reputation of the affected organizations.

8. Expansion of SIM Swapping as a service in Latin America, where criminals will offer to clone a particular line so that other individuals can carry out illicit activities, such as identity theft or gaining access to financial sites to steal the victim's money.

9. Humanitarian" export of attacks on financial institutions and their clients, related to regional migration and displacement of people for various reasons. These scenarios will bring new challenges, even for countries where high-profile cybercrime has been almost non-existent.

10. Increase in blackmail attacks directed at businesses and large corporations, due to the adoption of new legislation to criminalize data leakage incidents. These legislations, inspired by the European GDPR, are being adopted throughout Latin America, to apply harsh sanctions to companies that leave personal data exposed. As a result, criminals, by invading a corporate infrastructure and consequently stealing data, will launch attacks to blackmail the victim companies, who will have to choose between paying the fine imposed by the law or paying the criminal, causing direct losses to corporations in the region.

"2019 has confirmed the indispensability of cybersecurity, especially in corporate environments, by registering several significant data leaks, following attacks on businesses, vulnerabilities in instant messaging applications, and ransomware infections in municipal governments and critical entities," said Dmitry Bestuzhev, director of the Research and Analysis Team for Latin America at Kaspersky, in a statement. "By 2020, we predict an increase in these types of attacks in the region, especially those with the potential for a greater impact on the reputation of the victim entity, as well as on the number of people affected. This will also fuel the expansion of crimes that have not been deployed throughout the region, such as SIM swapping and certain types of financial attacks, carried out not only by local cybercriminals, but international attackers targeting Latin America".