HomeNewsLatin American Governments Easy Prey for Ransomware During COVID-19

Latin American Governments Easy Prey for Ransomware During COVID-19


A recent cyberattack that hit government websites in Brazil, including platforms that track vaccinations and epidemiological data on COVID-19, has stoked concerns about a surge in ransomware attacks on critical infrastructure in Latin American countries.

The series of attacks, which occurred throughout December, compromised the Ministry of Health's portal, including DataSUS, a platform that gathers information on COVID-19 cases and deaths, O Globo reported. The platform remains down and is not expected to be back online until January 15, Health Minister Marcelo Queiroga said. ConectaSUS, the application for issuing vaccination certificates, was also knocked offline for nearly two weeks until being restored at the end of December.

Reuters reported that the hacking collective, Lapsus$ Group, claimed responsibility for the attacks, leaving a message that said internal data had been copied and deleted. "Contact us if you want the data back," the group said.

Other websites infiltrated by the group were linked to the country's National Land Transport Agency, the Ministry of Economy and the Federal Highway Police, according to security officials.

The hackers left a message on one government site that made clear the incursions were part of a coordinated ransomware attack. "Let's get a few things straight: our only goal is to get money," the group said in the message, which was quickly removed, according to Brazilian newspaper, O Estado de S. Paulo.

Hackers have focused on Brazil in the past for ransomware attacks, including holding hostage data linked to the country's courts, national library, energy companies and major industries.

SEE ALSO: Pins and Needles – How Credit Card Fraud Works in Latin America

Such attacks were a scourge throughout the region in 2021, with criminals making demands on the National Lottery Service and the Ministry of the Economy in Mexico; banks and major news outlets in Chile; and medical centers in Argentina.

In Uruguay, hackers ransomed the data of the Naval Service last year. Public institutions in the country were attacked, on average, once every three hours, according to local newspaper El Pais.

InSight Crime Analysis

Brazil's attacks cap off a year in which Latin America has seen an explosion in ransomware attacks, as hackers use new tactics to target critical web infrastructure left unguarded.

"Cybercriminals are using vulnerability scanners," Danny Paton, a cybersecurity expert focused on Latin America and the Caribbean, told InSight Crime. "The process is somewhat automated. Once they find something that's open, they will attack it," he said.

SEE ALSO: Latin America Under Threat of Cybercrime Amid Coronaviru

Cyberattacks in Latin America increased by 24 percent in just the first eight months of 2021, according to cybersecurity giant Kaspersky.

Steph Shample, a senior cybersecurity expert with internet security firm, Team Cymru, said that the more sophisticated hackers use public information to adjust the vulnerability scanners to target regions and countries where they know protection is lagging.

"Latin America is exploding as far as interconnectivity and with that connection come risks that aren't being addressed," Shample told InSight Crime.

A 2020 study by the International Development Bank (IDB) found that only seven out of 32 Latin American countries have a critical infrastructure protection plan. The IDB defines critical infrastructure as the systems and networks vital to national security, economy, public health and safety.

Mexican cybersecurity expert Hiram Alejandro said that Latin American governments, including Mexico, are even lagging in identifying the institutions they consider critical infrastructure in the context of cybersecurity.

"Without that definition, you don't know what to prioritize," he told InSight Crime. "That's what we're missing. Russia, the United States, Europe, Asia have defined [what's critical] and implemented cybersecurity measures for it."

In 2019 and 2020, Mexico saw high-profile attacks on state-owned petroleum company Pemex and the Ministry of Economy. In both cases, criminals wreaked havoc on the government institutions to extort large payouts.

Cybersecurity firm, Intel 471, said insecure critical infrastructure would continue to be an exceptionally "juicy target" for criminals involved in ransomware.

Shample agreed.

"Let's be serious. There's a lot of ego in cybercrime, and a lot of these guys will want the bragging rights of ransoming an entire country, like Colombia or Brazil," she said. "That gets them money and makes them famous in the underworld."

share icon icon icon

Was this content helpful?

We want to sustain Latin America’s largest organized crime database, but in order to do so, we need resources.


What are your thoughts? Click here to send InSight Crime your comments.

We encourage readers to copy and distribute our work for non-commercial purposes, with attribution to InSight Crime in the byline and links to the original at both the top and bottom of the article. Check the Creative Commons website for more details of how to share our work, and please send us an email if you use an article.

Was this content helpful?

We want to sustain Latin America’s largest organized crime database, but in order to do so, we need resources.


Related Content


Illegally buying endangered species via social media has grown increasingly convenient in Mexico, especially given its feeble environmental controls and…

BRAZIL / 26 JUL 2022

Indigenous communities in Brazil are using drones to fight deforestation and the frequent assaults of loggers on their lands.

COSTA RICA / 27 JUN 2022

Two months ago, Conti, one of the most-feared cybercrime operations in the world, unleashed a blitz of raids against websites…

About InSight Crime


Escaping Barrio 18

27 JAN 2023

Last week, InSight Crime published an investigation charting the story of Desafío, a 28-year-old Barrio 18 gang member who is desperate to escape gang life. But there’s one problem: he’s…


Europe Coverage Makes a Splash

20 JAN 2023

Last week, InSight Crime published an analysis of the role of Amsterdam’s Schiphol Airport as an arrival hub for cocaine and methamphetamine from Mexico.  The article was picked up by…


World Looks to InSight Crime for Mexico Expertise

13 JAN 2023

Our coverage of the arrest of Chapitos’ co-founder Ovidio Guzmán López in Mexico has received worldwide attention.In the UK, outlets including The Independent and BBC…


InSight Crime Shares Expertise with US State Department

16 DEC 2022

Last week, InSight Crime Co-founder Steven Dudley took part in the International Anti-Corruption Conference organized by the US State Department’s Bureau of Democracy, Human Rights, & Labor and…


Immediate Response to US-Mexico Marijuana Investigation

9 DEC 2022

InSight Crime’s investigation into how the legalization of marijuana in many US states has changed Mexico’s criminal dynamics made a splash this week appearing on the front page of…