HomeNewsLatin American Governments Easy Prey for Ransomware During COVID-19

Latin American Governments Easy Prey for Ransomware During COVID-19


A recent cyberattack that hit government websites in Brazil, including platforms that track vaccinations and epidemiological data on COVID-19, has stoked concerns about a surge in ransomware attacks on critical infrastructure in Latin American countries.

The series of attacks, which occurred throughout December, compromised the Ministry of Health's portal, including DataSUS, a platform that gathers information on COVID-19 cases and deaths, O Globo reported. The platform remains down and is not expected to be back online until January 15, Health Minister Marcelo Queiroga said. ConectaSUS, the application for issuing vaccination certificates, was also knocked offline for nearly two weeks until being restored at the end of December.

Reuters reported that the hacking collective, Lapsus$ Group, claimed responsibility for the attacks, leaving a message that said internal data had been copied and deleted. "Contact us if you want the data back," the group said.

Other websites infiltrated by the group were linked to the country's National Land Transport Agency, the Ministry of Economy and the Federal Highway Police, according to security officials.

The hackers left a message on one government site that made clear the incursions were part of a coordinated ransomware attack. "Let's get a few things straight: our only goal is to get money," the group said in the message, which was quickly removed, according to Brazilian newspaper, O Estado de S. Paulo.

Hackers have focused on Brazil in the past for ransomware attacks, including holding hostage data linked to the country's courts, national library, energy companies and major industries.

SEE ALSO: Pins and Needles – How Credit Card Fraud Works in Latin America

Such attacks were a scourge throughout the region in 2021, with criminals making demands on the National Lottery Service and the Ministry of the Economy in Mexico; banks and major news outlets in Chile; and medical centers in Argentina.

In Uruguay, hackers ransomed the data of the Naval Service last year. Public institutions in the country were attacked, on average, once every three hours, according to local newspaper El Pais.

InSight Crime Analysis

Brazil's attacks cap off a year in which Latin America has seen an explosion in ransomware attacks, as hackers use new tactics to target critical web infrastructure left unguarded.

"Cybercriminals are using vulnerability scanners," Danny Paton, a cybersecurity expert focused on Latin America and the Caribbean, told InSight Crime. "The process is somewhat automated. Once they find something that's open, they will attack it," he said.

SEE ALSO: Latin America Under Threat of Cybercrime Amid Coronaviru

Cyberattacks in Latin America increased by 24 percent in just the first eight months of 2021, according to cybersecurity giant Kaspersky.

Steph Shample, a senior cybersecurity expert with internet security firm, Team Cymru, said that the more sophisticated hackers use public information to adjust the vulnerability scanners to target regions and countries where they know protection is lagging.

"Latin America is exploding as far as interconnectivity and with that connection come risks that aren't being addressed," Shample told InSight Crime.

A 2020 study by the International Development Bank (IDB) found that only seven out of 32 Latin American countries have a critical infrastructure protection plan. The IDB defines critical infrastructure as the systems and networks vital to national security, economy, public health and safety.

Mexican cybersecurity expert Hiram Alejandro said that Latin American governments, including Mexico, are even lagging in identifying the institutions they consider critical infrastructure in the context of cybersecurity.

"Without that definition, you don't know what to prioritize," he told InSight Crime. "That's what we're missing. Russia, the United States, Europe, Asia have defined [what's critical] and implemented cybersecurity measures for it."

In 2019 and 2020, Mexico saw high-profile attacks on state-owned petroleum company Pemex and the Ministry of Economy. In both cases, criminals wreaked havoc on the government institutions to extort large payouts.

Cybersecurity firm, Intel 471, said insecure critical infrastructure would continue to be an exceptionally "juicy target" for criminals involved in ransomware.

Shample agreed.

"Let's be serious. There's a lot of ego in cybercrime, and a lot of these guys will want the bragging rights of ransoming an entire country, like Colombia or Brazil," she said. "That gets them money and makes them famous in the underworld."

share icon icon icon

Was this content helpful?

We want to sustain Latin America’s largest organized crime database, but in order to do so, we need resources.


What are your thoughts? Click here to send InSight Crime your comments.

We encourage readers to copy and distribute our work for non-commercial purposes, with attribution to InSight Crime in the byline and links to the original at both the top and bottom of the article. Check the Creative Commons website for more details of how to share our work, and please send us an email if you use an article.

Was this content helpful?

We want to sustain Latin America’s largest organized crime database, but in order to do so, we need resources.


Related Content

BRAZIL / 11 AUG 2021

A number of recent raids have highlighted how illegal pesticide smuggling in Brazil is fueled by Chinese contraband.


The loosening of firearm restrictions in Brazil is creating new channels for criminal groups to obtain weapons via legal means…

BRAZIL / 2 NOV 2021

Organized crime groups in Latin America continue to expand into illicit synthetic drug production, including mass manufacturing of methamphetamine and…

About InSight Crime


All Eyes on Ecuador

2 JUN 2023

Our coverage of organized crime in Ecuador continues to be a valuable resource for international and local news outlets. Internationally, Reuters cited our 2022 Homicide Round-Up,…


Open Position: Social Media and Engagement Strategist

27 MAY 2023

InSight Crime is looking for a Social Media and Engagement Strategist who will be focused on maintaining and improving InSight Crime’s reputation and interaction with its audiences through publishing activities…


Venezuela Coverage Receives Great Reception

27 MAY 2023

Several of InSight Crime’s most recent articles about Venezuela have been well received by regional media. Our article on Venezuela’s colectivos expanding beyond their political role to control access to…


InSight Crime's Chemical Precursor Report Continues

19 MAY 2023

For the second week in a row, our investigation into the flow of precursor chemicals for the manufacture of synthetic drugs in Mexico has been cited by multiple regional media…


InSight Crime’s Chemical Precursor Report Widely Cited


We are proud to see that our recently published investigation into the supply chain of chemical precursors feeding Mexico’s synthetic drug production has been warmly received.