The Colombian Chamber of Information Technology and Telecommunications (Ccit), through its TicTac analysis tank and its Safe program, presented its most recent report on cybersecurity in the country.
Among the findings of the study, it was highlighted that during the first half of the year, the figures of cybercrimes reported to the Spoa (Accusatory Oral Criminal System of the Attorney General’s Office) reported an increase of 8%compared to the same period in 2021. Thus, between January 1 and June 30, 2022, 29,778 complaints were registered, while last year the figure reached 27,498 reported complaints.
(Read: Petro’s warning to Ecopetrol about its clean energy plan).
However, according to the report, some types of cybercrime that have shown an increase in recent months in Colombia are: abusive access to the computer system, which presented 6,407 cases, that is, 46% more than in the same period of the previous year, and the theft by computerized means that showed an increase of 15% with 11,078 reported cases.
When verifying the possible causes that prompted the rise in the number of cases reported for theft by computer means, the report considers that the numerous malware campaigns, associated with the impersonation of government entities, taking advantage of political contexts, helped to increase the cases of infections. It should be noted that an example of this is the emails that were reported supplanting entities such as the National Registry.
Likewise, the study showed that the infection of computer systems with malicious programs to encrypt information, known as ransomware, continue to generate “a serious impact on company operations” and even continue to compromise business continuity.
On the other hand, the types of cybercrime that reported a significant reduction in the first semester were: the violation of personal data, the impersonation of websites to capture personal data and the use of malicious software that presented variations of -11%, -13% and -27%, respectively.
“The main message around this issue is that we cannot lower our guard, clearly there are still some modalities such as ransomware (information hijacking), which is becoming more frequent and common. The first suggestion is to report. The authorities must be involved and from the Ccit we endorse the capabilities of the National Police to deal with those cases that they are learning about, that is why it is important that they are known and reported,” said Alberto Yohai, president of the Ccit.
For their part, the cities of the country that presented a greater number of incidents of cyberattacks in the first semester were Bogotá, Medellín, Barranquilla, Cali and Bucaramanga, “where more than 70% of the complaints are concentrated, an aspect associated with penetration internet, number of users in ecommerce platforms and virtual banking”, highlights the report.
“This finding indicates that cybercriminals continue to rely on economic interest and the ease of being able to obtain monetary income quickly by compromising the victims’ bank accounts,” said Ana Milena Bula, director of the Analysis and Creativity Tank of ICT (TicTac).
CEO Impersonation
One of the forms of cyber attacks that have begun to gain strength, according to the Ccit report, is manager fraud or CEO fraud or BEC fraud (Business Email Compromise).
Thus, through information theft techniques based on sending links with fraudulent forms or phone calls They manage to obtain information on the commercial and production processes in the companies.
“It is important to consider the implementation of dual controls for the authorization and approval of the dispersion of payroll payments or payments of invoices to suppliers, since the latter situation is used by cybercrime networks to commit fraud,” the report said.
(Also: How the ban on sales of iPhone and iPad 5G affects Colombians).
According to figures from the FBI, BEC fraud globally during 2021 exceeded US$2.4 billion“being therefore the criminal modality that inflicts the greatest economic damage on companies and people worldwide.”
JOHANA LORDUY
