Online scams, ransomware attacks and phishing email schemes have proliferated in Latin America amid the coronavirus pandemic, exposing the dangers hackers pose to people, banks and governments. If the past is any indication, Latin America is largely unprepared for this new wave of cybercrime.
In Costa Rica, a ransomware app called COVIDLock spread across the country in the second half of March, targeting individuals and companies. COVIDLock relied on the people’s fear of the pandemic, claiming to prevent contagion by providing interactive maps of the virus’ spread. Instead, the application hijacked victims’ devices and demanded a ransom in the cryptocurrency bitcoin. The ransomware even tripped the alarms of one of Costa Rica’s national banks, alerting the security ministry to the cyberthreat.
In response Miguel López, Costa Rica's public prosecutor for cybercrime and fraud, took to the airwaves to warn citizens, predicting the number of malicious campaigns would only rise. His predictions came true in the first week of April, as banking and judicial authorities across Costa Rica reported scams related to unemployment benefits, electronic tax payments and social services, according to CRHoy.
Criminals in Puerto Rico, Guatemala and Mexico have also been exploiting fears of the health and economic crises to perpetrate phishing scams aimed at collecting sensitive information that allows them to commit insurance and identity fraud. The emails lure people with promises of government stimulus money, or COVID-19 tests and vaccines. The links that are then clicked solicit personal information or introduce malware.
In Colombia, meanwhile, authorities reported 160 complaints of cyber-fraud during the weekend prior to its official lockdown on March 24, a 60 percent increase compared to the same period in 2019, Cali’s El País reported.
In Mexico, tech experts warned in an interview with El Financiero that as the workforce there transitions to home offices, retail and financial sectors will be among the most targeted.
InSight Crime Analysis
Latin America has very high internet penetration but seems largely unprepared to counteract cybercrime. This means that, as governments impose stricter quarantine measures to fight back the coronavirus pandemic, individuals, corporations and critical infrastructure are vulnerable to attack.
Charity Wright, an analyst with global cyber threats firm IntSights Cyber Intelligence, said that countries with the largest economies -- Brazil, Mexico, Colombia and Argentina -- are the most likely to be targeted by hackers.
“They have the money, a huge population and are adopting new technology quickly, but at the same time these countries are very much behind the rest of the world in implementing cyber defense mechanisms, regulation and compliance policies across the board,” Wright told InSight Crime.
Mexico and Brazil already ranked seventh and eighth for the number of cyberattacks globally, according to a 2018 assessment by Europol.
As quarantines close non-essential businesses, people have begun banking, shopping and accessing government resources online, increasing the number of targets for phishing and malware schemes. Poorer and elderly residents desperate to access emergency benefits are among the most at risk of becoming victims of such attacks.
Critical infrastructure is also at risk. According to a 2016 report by the Inter-American Development Bank (IDB), four out of five Latin American countries profiled do not have a cybersecurity strategy or critical infrastructure protection plan in place. And a study by threat researchers at Recorded Future, a leader in cybersecurity intelligence, found that in 2018 a significant portion of the world’s malware attacks were concentrated in South America. The financial, energy, retail, entertainment, logistics and technology sectors were all targeted.
In the past year, Mexico has also been hard hit by a number of high-profile malware attacks, with cybercriminals successfully infiltrating both the state-run oil company Pemex in 2019 and the Ministry of Economy in 2020. In an interview with El Economista, experts blamed Mexico’s vulnerability on government cuts in technological investment.
Existing criminal groups may also turn to cybercrime to “replace income lost,” as illicit economies suffer the same disruptions in supply chains and distribution as legal ones, Global Initiative analysts said in a report published last month.
Wright agreed, saying that vendors of cybersecurity products in Mexico found that cartels and underground organized crime groups have collaborated with hackers.
“It is not their primary source of income or money laundering yet,” she said, “but they are increasingly adopting new hackers and technologies to hide their money and diversify their financial flows.”