A few days ago the ESET Security Report 2023 which addresses the main concerns of Latin American companies regarding information security, as well as the number of security incidents reported in the past year, and the impact of specific threats such as ransomware, spyware and Trojans. The document also contains the main security measures implemented by Latin American companies, both in terms of technological solutions and management practices.
Some notable data from the report shows that the 69% of Latin American organizations have suffered a security incident in the past year. On the other hand, the countries with the highest percentage of detections of malicious code in phishing campaigns are Ecuador (8%), followed by Costa Rica 7.2%, Colombia 5.7%, Guatemala 5.2% and El Salvador 5.1% .
In this context, the 66% of companies say theft or information leakage is their top cybersecurity concernwhile 65% believe that the budget allocated to cybersecurity is not sufficient.
The use of mobile security solutions has increased from 10% in 2021 to 21% in 2022. However, given the growth that Android vulnerabilities have had and the role mobile devices play in business, the adoption rate remains low. Throughout 2022, ESET observed how cybercriminals manage to spread malware through applications available on Google Play and also through more advanced campaigns for both Android and iOS with the aim of stealing cryptocurrencies or conducting espionage.
Most reported security incidents
According to the research, this is one of the most important types of attacks recorded by organizations 70% consider phishing to be the most common form of attack, followed by malware attacks (63%) and thirdly attacks that attempt to steal access data (56%). On the other hand, given that there was a 26% increase in the number of reported vulnerabilities in 2022, it is worth noting that 49% of companies confirmed that they have received attack attempts that attempted to exploit a vulnerability.
Ransomware
Threats such as ransomware and remote access trojans (RATs) have been constant in Latin America in 2022 and will remain so in 2023. In the case of ransomware 96% of organizations consider these types of threats to be of particular concern and 21% confirm that they have been the target of a ransomware attack in the past two years. As for how to recover from these incidents that have a major impact on companies’ productivity and reputation, 77% did so using backup and only 4% paid the ransom to cyber criminals. Considering that paying is something that is always discouraged for various reasons, it is worth noting that 84% stated that they would not want to negotiate the ransom payment with the attackers and that 14% would be willing to consider it.
In 2022, several government agencies and private companies in Latin America fell victim to ransomware groups, such as Conti, Hive, LockBit or Vice Society, to name a few. One of the most memorable ransomware attacks of the past year was in Costa Rica, when the Conti and Hive groups hit several government agencies and authorities declared a national state of emergency. In addition to this episode, companies from other countries in the region, such as Argentina or Chile, are carrying out attacks carried out by groups operating under the ransomware as a service, or RaaS, model.
How do organizations protect themselves?
While threats evolve and organizations strive to allocate adequate resources to protect their information and assets, the report highlights that 65% of respondents believe the budget allocated to cybersecurity is insufficient. Despite this, deployments of backup systems, firewalls and VPN solutions increased in response to the increase in attacks. In terms of management, 81% of organizations claim to have a security policy, 41% an incident response plan, while 27% have cyber risk insurance.
“The ESET Security Report 2023 provides an overview of the state of corporate cybersecurity in Latin America. Many organizations face the challenge of transitioning from remote working to hybrid working post-pandemic, but as the report shows, many companies are still unprepared to safely adopt this model. When we add to this the technological evolution associated with advances in artificial intelligence to automate tasks and processes, it is clear that organizations face major challenges.”, said Camilo Gutiérrez Amaya, head of the ESET Latin America Research Laboratory.(I)
Source: Eluniverso
Mabel is a talented author and journalist with a passion for all things technology. As an experienced writer for the 247 News Agency, she has established a reputation for her in-depth reporting and expert analysis on the latest developments in the tech industry.
