Keeping a Close Watch: Trend Micro Specialized Cybersecurity Report for Latin America and the Caribbean

In collaboration with the Cybersecurity Program of OAS/CICTE, we examine the cybersecurity challenges affecting member states of the OAS. These issues include ransomware and active attacks, threats related to remote work, and the risks brought about by the adoption of new technologies.
  • Overview
  • Ransomware and other active threats
  • Threats related to remote work setups and Covid-19
  • Cloud and IoT Threats

Download Keeping a Close Watch: Trend Micro Specialized Cybersecurity Report for Latin America and the Caribbean
Download Keeping a Close Watch: Trend Micro Specialized Cybersecurity Report for Latin America and the Caribbean

What is the state of the cybersecurity landscape of member states of the Organization of American States (OAS)? 

In our report, created in collaboration with the Cybersecurity Program of the Organization of American States Inter-American Committee against Terrorism (OAS/CICTE) and titled “Keeping a Close Watch: Trend Micro Specialized Cybersecurity Report for Latin America and the Caribbean,” we take a closer look at the cybersecurity challenges affecting member states of the OAS. These issues include ransomware and active attacks, threats related to remote work, and the risks brought about by the adoption of new technologies.

To examine these challenges, we looked through three lenses: threat landscape data from the first half of 2021 specific to OAS member states, global trends from our 2021 midyear cybersecurity report, titled “Attacks From All Angles,” and survey answers from respondents holding key positions in organizations based in OAS member states. 

Through findings gathered from these three sources, the report aims to help organizations build solid defenses against relentless threats. 

. . .

Ransomware and other active threats

Ransomware, targeted attacks, and scams not only persist but also evolve into more menacing threats.

In our survey, we asked the respondents to rank threats such as ransomware, targeted attacks, and scams in terms of how much they posed a security challenge. An overwhelming majority answered “a great deal,” while the second most frequent answer was “a lot.” 

How online threats (ransomware, targeted attacks, scams, etc.) were ranked as a security challenge by survey respondents

How online threats (ransomware, targeted attacks, scams, etc.) were ranked as a security challenge by the survey respondents

This response is not surprising since high-profile campaigns had been making headlines, with ransomware operators launching attacks on critical industries. Detections of modern ransomware such as REvil (aka Sodinokibi), DarkSide, and Nefilim continued to surge. Modern ransomware families’ use of ransomware-as-a-service (RaaS), double extortion, and advanced techniques helped extend the reach of attacks.

The top 10 ransomware families across OAS member states in terms of file-only counts of ransomware family detections in the first half of 2020 and in the first half of 2021

The top 10 ransomware families across OAS member states in terms of file-only counts of ransomware family detections in the first half of 2020 and in the first half of 2021


What industries* were the most affected by ransomware attacks?


  • Government

  • Healthcare

  • Manufacturing

  • Food and beverage

  • Technology

*across OAS member states in the first half of 2021

Email threats and malicious URLs, which could be used as entry points for ransomware, targeted attacks, and scams, also proliferated across OAS member states. 

Download our full report, Keeping a Close Watch: Trend Micro Specialized Cybersecurity Report for Latin America and the Caribbean, to gain more insights on how ransomware, targeted attacks, and other active threats have been affecting OAS member states.

. . .

Threats related to remote work setups and COVID-19 

The COVID-19 pandemic resulted in an almost overnight shift to remote work, which also affected OAS member states. The abrupt transition came with its own challenges.

To the survey question that asked the respondents to rank how much they viewed remote work-related adjustments as a challenge, the majority of the respondents answered “a lot,” the second highest ranking in the survey. This was followed by “a moderate amount,” and then by “a great deal.”

How adjusting to secure remote work setups due to Covid-19 (in terms of both operations and securing systems) was ranked as a security challenge by survey respondents

How adjusting to secure remote work setups due to Covid-19 (in terms of both operations and securing systems) was ranked as a security challenge by the survey respondents

Aside from operational issues, organizations also had to grapple with security challenges. Adopting remote work resulted in heavier reliance on emails, platforms, and apps, exposing employees and thus their organizations’ systems to cybersecurity risks. 

In 2021, threats such as business email compromise (BEC), online banking malware, and malicious apps persisted. Among the three, detections of blocked malicious Android apps across OAS member states showed an almost twofold increase in the first half of 2021, compared to the same period in 2020.  

The number of blocked malicious Android apps across OAS member states in the first half of 2020 and in the first half of 2021

The number of blocked malicious Android apps across OAS member states in the first half of 2020 and in the first half of 2021

Malicious actors used the topic of the pandemic itself to spread scams, using fake vaccination programs and testing registrations as lures. Figures relating to Colombia showed a marked increase, from just over 11,800 detections in the first half of 2020 to over 462,000 detections in the first half of 2021. This might be indicative of additional efforts from malicious actors toward deploying COVID-19-related attacks in the country.

The top 10 OAS member states in terms of detections of Covid-19-related threats (malicious spam emails, malicious URLs, and malware) in the first half of 2020 and in the first half of 2021

The top 10 OAS member states in terms of detections of Covid-19-related threats (malicious spam emails, malicious URLs, and malware) in the first half of 2020 and in the first half of 2021

Download our full report, “Keeping a Close Watch: Trend Micro Specialized Cybersecurity Report for Latin America and the Caribbean,” to know more about threat detections related to remote work and COVID-19 across OAS member states.

. . .

Cloud and IoT Threats

Relatively new technologies such as the cloud and the internet of things (IoT) or the industrial internet of things (IIoT) might help improve enterprises’ operations, but the misconfiguration of these platforms could lead to security risks.

How adjusting to new technologies such as the cloud and the IoT or the IIoT was ranked as a security challenge by survey respondents

How adjusting to relatively new technologies such as the cloud and the IoT or the IIoT was ranked as a security challenge by the survey respondents

In our survey, when asked to rank the shift to new technologies in terms of the challenge they posed, most respondents rated it as something that concerned them “a lot.” The option with the next highest number of responses was “a moderate amount,” followed by “a great deal,” and then “none at all.” 

In 2021, cloud systems were targeted through threat campaigns, as in the TeamTNT hacking group’s targeting of AWS credentials and Kubernetes clusters. Consistent across such incidents was the presence of cryptocurrency-mining elements. Cryptocurrency miners were the third most detected malware type across OAS member states in the first half of 2021. MalXMR was the most detected family, with its detections across OAS member states increasing twofold from the first half of 2020.

What were the most detected cryptocurrency miners?*


  • MalXMR

  • ToolXMR

  • MalBTC

*across OAS member states in the first half of 2021

Malicious actors likewise abused the IoT or the IIoT and the connections it enabled. One of the ways this was done was through botnets. Botnet-related detections across OAS member states consisted mostly of those from the northern hemisphere.

The top 10 OAS member states in terms of detections of botnet connections and botnet command-and-control (C&C) servers in the first half of 2021

The top 10 OAS member states in terms of detections of botnet connections and botnet command-and-control (C&C) servers in the first half of 2021

One of the IoT botnet malware families we continued to observe this year was VPNFilter. This familiar threat compromises routers and storage devices via backdoor accounts and exploits devices from known vendors.

Download our full report, “Keeping a Close Watch: Trend Micro Specialized Cybersecurity Report for Latin America and the Caribbean,” for more information on how the adoption of new technologies such as the cloud and the IoT or the IIoT have affected organizations in OAS member states.

. . .

HIDE

Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.

Опубликовано в Cybercrime & Digital Threats, Cybercrime, Ransomware