According to data from Palo Alto Networks, ransomware attacks in LATAM increased 38% in one year. In total, there were 180 attacks spread over 20 countries analyzed. Last year there were 59 attacks in Brazil, 26 in Mexico, 23 in Argentina, 19 in Colombia and 5 in Chile. In 2021 there were 39 in Brazil, 23 in Mexico, 14 in Peru, 12 in Argentina and 10 in Chile.
Hackers demand huge ransom payments in exchange for data recovery. Globally, ransomware lawsuits continued to be a threat to organizations last year, with payouts of up to $7 million in cases observed. The median demand was $650,000, while the median payment was $350,000, indicating that effective negotiation can reduce actual payments. One in five ransomware cases investigated revealed that attackers coerce and harass their victims by leveraging stolen customer information to force organizations to deliver the ransom.
“Some of the attack tactics include encryption, data theft, Distributed Denial of Service (DDoS) and stalking, with the ultimate goal of increasing the chances of getting paid. Data theft, which is usually associated with dark web leak sites, was the most common of the extortion tactics, with 70% of groups using it by the end of 2022 – an increase of 30 percentage points from the last year,” said Bert Milan, RVP, Caribbean and Latin America at Palo Alto Networks.
Latin America is an attractive region
Data shows that manufacturing, legal and professional services, and construction are the three market sectors most affected by ransomware. Lockbit, Hive, and BlackCat (ALPHV) were responsible for the majority of attacks in the region, which can occur through malicious links, lack of backups, and little investment in cybersecurity. Leak sites on the Dark Web are regularly associated with data theft.
Manufacturing was the world’s most attacked sector in 2022, with 447 compromised organizations publicly exposed on breach sites, according to the data. The countries that suffer the most from this type of attack are the United States, with 1,118 attacks, followed by the United Kingdom, with 130, and Germany, with 129.
“The data showed that at least 75% of the attacks managed by our incident response team were initiated by superficial exposures. Today, companies must make significant investments in cybersecurity, in addition to training their employees so that they are aware of fundamental security principles when using company equipment. It is not advisable to continue without making efforts in cybersecurity, which does not guarantee that you will not be a target. However, it will prevent ransomware groups from reaching the heart of the company”, reinforces the vice president.