Cyberattack Trends in Latin America

By Holly Gilbert

Another finding was that Latin America is experiencing tremendous growth in the area of Web-based attacks, as well as custom attacks against the financial sector and industrial control systems, the latter of which are used in utilities and critical infrastructure. These are being heavily targeted now with hundreds of attacks daily, according to Kellermann.
Also highlighted in the report is the emergence of underground markets for dealing in cybercrime tools and expertise in Latin America. Hackers are “distributing weapons in this community through various blogs and many social networking and social media sites,” according to Kellermann.

“Now there are wholesale arms bazaars that are widely available specific to Latin America that allow you to leverage the latest attack capabilities. For example, for less than $600, you can leverage attacks that can bypass most of the perimeter defenses that are established by most organizations under ISO standards,” Kellermann explains.

Another issue is the lack of sophisticated defenses in place, leaving systems vulnerable to older malware that might not be effective in other countries and regions. “We’ve found, surprisingly, that Configure, an old polymorphic worm, is still very prevalent in the region,” Kellermann said. “This can be due to a lot of reasons, but I think the largest part is going to be the lack of vulnerability management by users, partners, and ecosystems in the region.”

In discussing the mobile threat, Lee cited SMS Trojans as one of the most common cyberattack vectors in Latin America. He specifically noted the existence of Boxer, a variant that has been detected in the region. With this particular SMS Trojan, users unwittingly download malware to their mobile devices by opening a text message that appears to be coming from a known sender. “Then that [mobile device] will start sending SMS on your behalf to a premium malware vendor,” sccording to Lee. “Ultimately this is a very simple attack. It’s become very prevalent because it works—it works very well—and the attacker makes a lot of money from it.”

Lee explained that Latin America has seen an increase in tailored malware attacks. The hallmark of these types of attacks is that the hackers slightly modify the malicious software over time in order to increase the likelihood of a successful attack. Each version of the malware that the hackers produce is adjusted to provide a more effective attack or to evade detection. “[T]here’s been a lot of work put into the development of those pieces of malware,” Lee attests.



The Magazine — Past Issues


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.