HomeNewsLatin American Governments Easy Prey for Ransomware During COVID-19

Latin American Governments Easy Prey for Ransomware During COVID-19


A recent cyberattack that hit government websites in Brazil, including platforms that track vaccinations and epidemiological data on COVID-19, has stoked concerns about a surge in ransomware attacks on critical infrastructure in Latin American countries.

The series of attacks, which occurred throughout December, compromised the Ministry of Health's portal, including DataSUS, a platform that gathers information on COVID-19 cases and deaths, O Globo reported. The platform remains down and is not expected to be back online until January 15, Health Minister Marcelo Queiroga said. ConectaSUS, the application for issuing vaccination certificates, was also knocked offline for nearly two weeks until being restored at the end of December.

Reuters reported that the hacking collective, Lapsus$ Group, claimed responsibility for the attacks, leaving a message that said internal data had been copied and deleted. "Contact us if you want the data back," the group said.

Other websites infiltrated by the group were linked to the country's National Land Transport Agency, the Ministry of Economy and the Federal Highway Police, according to security officials.

The hackers left a message on one government site that made clear the incursions were part of a coordinated ransomware attack. "Let's get a few things straight: our only goal is to get money," the group said in the message, which was quickly removed, according to Brazilian newspaper, O Estado de S. Paulo.

Hackers have focused on Brazil in the past for ransomware attacks, including holding hostage data linked to the country's courts, national library, energy companies and major industries.

SEE ALSO: Pins and Needles – How Credit Card Fraud Works in Latin America

Such attacks were a scourge throughout the region in 2021, with criminals making demands on the National Lottery Service and the Ministry of the Economy in Mexico; banks and major news outlets in Chile; and medical centers in Argentina.

In Uruguay, hackers ransomed the data of the Naval Service last year. Public institutions in the country were attacked, on average, once every three hours, according to local newspaper El Pais.

InSight Crime Analysis

Brazil's attacks cap off a year in which Latin America has seen an explosion in ransomware attacks, as hackers use new tactics to target critical web infrastructure left unguarded.

"Cybercriminals are using vulnerability scanners," Danny Paton, a cybersecurity expert focused on Latin America and the Caribbean, told InSight Crime. "The process is somewhat automated. Once they find something that's open, they will attack it," he said.

SEE ALSO: Latin America Under Threat of Cybercrime Amid Coronaviru

Cyberattacks in Latin America increased by 24 percent in just the first eight months of 2021, according to cybersecurity giant Kaspersky.

Steph Shample, a senior cybersecurity expert with internet security firm, Team Cymru, said that the more sophisticated hackers use public information to adjust the vulnerability scanners to target regions and countries where they know protection is lagging.

"Latin America is exploding as far as interconnectivity and with that connection come risks that aren't being addressed," Shample told InSight Crime.

A 2020 study by the International Development Bank (IDB) found that only seven out of 32 Latin American countries have a critical infrastructure protection plan. The IDB defines critical infrastructure as the systems and networks vital to national security, economy, public health and safety.

Mexican cybersecurity expert Hiram Alejandro said that Latin American governments, including Mexico, are even lagging in identifying the institutions they consider critical infrastructure in the context of cybersecurity.

"Without that definition, you don't know what to prioritize," he told InSight Crime. "That's what we're missing. Russia, the United States, Europe, Asia have defined [what's critical] and implemented cybersecurity measures for it."

In 2019 and 2020, Mexico saw high-profile attacks on state-owned petroleum company Pemex and the Ministry of Economy. In both cases, criminals wreaked havoc on the government institutions to extort large payouts.

Cybersecurity firm, Intel 471, said insecure critical infrastructure would continue to be an exceptionally "juicy target" for criminals involved in ransomware.

Shample agreed.

"Let's be serious. There's a lot of ego in cybercrime, and a lot of these guys will want the bragging rights of ransoming an entire country, like Colombia or Brazil," she said. "That gets them money and makes them famous in the underworld."

share icon icon icon

Was this content helpful?

We want to sustain Latin America’s largest organized crime database, but in order to do so, we need resources.


What are your thoughts? Click here to send InSight Crime your comments.

We encourage readers to copy and distribute our work for non-commercial purposes, with attribution to InSight Crime in the byline and links to the original at both the top and bottom of the article. Check the Creative Commons website for more details of how to share our work, and please send us an email if you use an article.

Was this content helpful?

We want to sustain Latin America’s largest organized crime database, but in order to do so, we need resources.


Related Content

BRAZIL / 19 DEC 2013

Homicides have fallen 65 percent in the Rio de Janeiro favelas where Police Pacification Units have been installed during four years…


Extensive reports have repeatedly underlined Latin America’s vulnerability to cybercrime, an Achilles' heel which organized crime is already capitalizing on…

BRAZIL / 31 AUG 2012

Brazilian police, working with their Peruvian counterparts, have conducted coca eradication operations in Peru as the Latin American superpower steps…

About InSight Crime


Venezuela's Cocaine Revolution Met With Uproar

6 MAY 2022

On May 4, InSight Crime launched its latest investigation, Venezuela’s Cocaine Revolution¸ accompanied by a virtual panel on its findings. The takeaways from this three-year effort, including the fact that Venezuela…


Venezuela Drug Trafficking Investigation and InDepth Gender Coverage

29 APR 2022

On May 4, InSight Crime will be publishing The Cocaine Revolution in Venezuela, a groundbreaking investigation into how the Venezuelan government regulates the cocaine trade in the country. An accompanying event,…


InDepth Coverage of Juan Orlando Hernández

22 APR 2022

Ever since Juan Orlando Hernández was elected president of Honduras in 2014, InSight Crime has provided coverage of every twist and turn during his rollercoaster time in office, amid growing…


Venezuela's Cocaine Revolution

15 APR 2022

On May 4th, InSight Crime will publish a groundbreaking investigation on drug trafficking in Venezuela. A product of three years of field research across the country, the study uncovers cocaine production in…


Widespread Coverage of InSight Crime MS13 Investigation

8 APR 2022

In a joint investigation with La Prensa Gráfica, InSight Crime recently revealed that four of the MS13’s foremost leaders had been quietly released from…