Lessons from the frontline
Ransomware is a prevalent cyber threat, particularly in Latin America, where organizational cybersecurity programs are in formative stages. While numerous factors can increase the risk of ransomware attacks causing serious harm in the region, the lack of cybersecurity policies and regulations across Latin America, as noted by the National Cybersecurity Index (NCSI), has further exacerbated these regional challenges Attacks on critical infrastructure may significantly disrupt the functioning of government and business alike and result in a ripple effect on the citizens of Latin American nations. This report uses the definition of critical infrastructure from the National Institute of Standards and Technology (NIST): “Systems and assets, whether physical or virtual, so vital to the State that the incapacity or destruction of such systems and assets would have a debilitating impact on security national economic security, national health or public security, or any combination of those issues.”
According to the Inter-American Development Bank (IDB), only seven of the 32 Latin American countries have plans to protect their critical infrastructure from cyberattacks, and only 20 have Computer Security Incident Response Teams (CSIRTs). The current level of cyber readiness in the region suggests that there is a notable deficit that must be addressed.
The annual cost of cyberattacks in Latin America and the Caribbean could exceed $90 million by 2025, with an average of more than 18.5 million attacks per year. Notable incidents include an attack on Costa Rica in April 2022, which affected numerous government agencies and demanded a $10 million ransom. Another attack in May 2022 targeted the Costa Rican Social Security Fund, causing disruptions in critical systems, including the completion of social security payments. These attacks caused the country to declare a state of emergency, becoming the first country to use emergency funds due to a cyberattack. Similarly, Colombia experienced a significant ransomware attack from a third party in early September 2023, which severely disrupted vital services across the country. This attack directly impacted 20 public entities, while
78 additional public entities and 762 private companies were indirectly affected across Latin America as well as others in countries such as Argentina, Panama, and Chile.