Among the findings, stolen credentials remain a problem in the region; the average lifespan of ransomware groups is 17 months; and vishing triples the phishing click-through rate.
Latin America experienced a 4% increase in cyberattacks in 2021 compared to the previous year. Brazil, Mexico and Peru were the most attacked countries in the region in this period
IBM (NYSE: IBM) Security recently released the X-Force Threat Intelligence Index, its annual study that reveals how ransomware, corporate email compromise, and credential harvesting together were able to “trap” companies in Latin America in 2021, further straining supply chains. While phishing has been the most common cause of cyberattacks overall in the region over the past year, IBM Security X-Force has seen an increase in attacks caused by stolen credentials, an entry point that actors relied more on to carry out intrusions in 2021. , representing the 27% cause of cyberattacks in Brazil.
The 2022 IBM Security X-Force Threat Intelligence Index maps new trends and attack patterns that IBM Security has observed and analyzed through its data, based on billions of data points ranging from network and endpoint detection devices, incident response engagements, phishing kit tracking and more, including data provided by Intezer. Some of the key highlights in this year's report include:
- Manufacturing, the basis of supply chains, becomes the most wholesale sector. In Brazil, manufacturing (20%) was the most attacked sector in 2021, reflecting a global trend as cybercriminals have found a vantage point in the critical role manufacturing organizations play in global supply chains to pressure victims to pay. a ransom. The Mining (17%), Professional Services, Energy and Retail sectors receive 15% from attacks, following manufacturing as the most attacked sectors in Brazil.
- Ransomware gangs defy defenses. Ransomware persisted as the main attack method observed in 2021, both globally and in Latin America, and was responsible for 32% of attacks in Brazil. Ransomware gangs do not stop attacking despite the increase in defenses. According to the 2022 report, the average lifespan of a ransomware group before going out of business or rebranding is 17 months. REvil was the most observed ransomware type, covering 50% of the attacks that X-Force remedied in Latin America.
- BEC (Business E-mail Compromise) attacks have a new target. The rate of BEC attacks against Latin America is higher than anywhere else in the world, representing a sharp increase from 0% in 2019 to 26% in 2021 in Brazil, suggesting that BEC-style criminals are targeting organizations more. From Latin America. According to the report, BEC was the second most common attack in the region.
- Vulnerabilities continue to increase — The X-Force report highlights the record number of vulnerabilities disclosed in 2021, suggesting that the challenge of managing these weaknesses persists. For companies in the region, unpatched vulnerabilities caused 18% of attacks in 2021, exposing the biggest difficulty: patching or patching vulnerabilities.
- Early warning signs of cybercrisis in the cloud. Cybercriminals are laying the groundwork to target cloud environments. According to the report, there is a 146% increase in the creation of new Linux ransomware code and a shift in global targeting focused on Docker, which could make it easier for more threat actors to leverage cloud environments for malicious purposes such as malware, which can attack multiple platforms and be used as a jumping-off point for other components of victims' infrastructure.
“Cybercriminals often go after money. Now, with ransomware, they are looking for the upper hand,” said Charles Henderson, IBM X-Force Leader. “Companies need to recognize that vulnerabilities are getting in the way and ransomware actors are taking advantage of them. This is a non-binary challenge. The attack surface is only growing, so rather than operating under the assumption that every vulnerability in their environment has been patched, companies should operate on the assumption of compromise, improving vulnerability management with a zero-trust strategy.” .
Additional findings from the 2022 report include:
- Whoever calls you first may have been phishing for a long time — Phishing was the most common cause of cyberattacks in 2021 worldwide and was responsible for 60% of the attacks remedied by X-Force in Brazil. In X-Force Red's penetration tests, the click-through rate of phishing campaigns tripled when combined with subsequent calls to victims.
- Most attacked countries in the region — Latin America saw a 4% increase in cyberattacks in 2021 compared to the previous year, and according to the report, Brazil, Mexico and Peru were the most attacked countries in the region last year.
The report presents data that IBM collected globally in 2021 to provide insights into the global threat landscape and inform security professionals about the threats most relevant to their organizations. For the purposes of the report, IBM considers Latin America to include Mexico, Central America and South America.
Download a copy of IBM Security X-Force Threat Intelligence 2022 on here.
