Cybercrooks reportedly hang out in Latin America, Caribbean

Internet criminals have opened a new front in Latin America and the Caribbean and seem to have founded booming businesses thanks to low levels of cybercrime protection and awareness, a rare but timely analysis of the region by Trend Micro has found.

After gathering data from 20 out of 32 members of the Organization of American States (OAS) and its own honeypots, Trend concludes that cybercrime is on the rise, not a surprise perhaps given that this is a global phenomenon, but worth paying attention to for any firm doing business in these countries.

Overall, incidents increased in OAS countries by between 8 percent and 40 percent in every category of threat in 2011 and 2012, with hacktivism, attacks on online banks, and infrastructure probes particular standouts.

Preventative practices lacking

More interesting than the percentages alone, however, were the inferences Trend was able to make about underlying cybersecurity based on the types of attack that were reported.

Conventional file infector malware was a major issue in the region, which Trend takes to suggest that patching is poor, operating systems run in insecure states, and consumers have a general complacency about the risks of poor software behavior.

Native organized crime (as opposed to Eastern European gangs) also seem to booting up quite successfully, tailoring attack methods to the particular weaknesses found in different countries. This includes gangs that develop their own crimeware kits, with 2012's "PiceBot" a good example of banking malware that heralds a new level of sophistication for homegrown malware.

Protection for Industrial Control Systems (ICS) is also a worry, with many Internet-facing systems open to attack; Trend itself recorded 39 attacks on infrastructure systems in the geography in a single month during 2012, 12 of which it classified as automated, repeated, and targeted.

Government policies uneven

Perhaps the biggest weakness of all is simply the desperately uneven response of governments in the region. Money, expertise, and a lack of cyber-awareness remains an issue, although Trend did find that many countries were now being positively galvanized by the emerging global culture in government cyber-defense.

"On the whole, political leaders are aware of the dangers of cybercrime and hacking but efforts are often restricted by the lack of resources dedicated to building cybersecurity capacity and shortage of specialized knowledge and expertise to implement technical policies," said Trend's researchers.

As might be expected, the report uncovered widespread differences in the way incidents are recorded, categorized and a lack of any agreed framework for understand their severity. These same issues affect cybercrime analysis the world over. Underreporting is as big an issue as it is everywhere else.

Subscribe to the Security Watch Newsletter

Comments