Trend Micro reveals up to 40% increase in cyber crime incidents in Latin America and Caribbean

Industrial Control Systems attacks, home-grown crimeware kits lead list of threats

Category:

Marlow, UK - 3rd May 2013 - New research from Trend Micro and the Organization of American States (OAS) has for the first time cast a comprehensive new light on an area of the global cyber security landscape until now poorly illuminated – Latin America and the Caribbean. It found cyber incidents increased by up to 40 per cent from 2011-12 in the region.

The report uses info gleaned from a survey of 20 of the 32 OAS member states on the type and extent of the cyber security threat they face and hard data provided by Trend Micro’s global threat intelligence system including client-side sources and honeypots, to gain a clear picture of the threats facing these geographies.

The report found cyber security incidents increased from between 8-40 per cent over the 2011-12 period, although it was noted that a lack of harmonised terminology across the region makes it difficult to calculate the true extent of attacks. Although hacktivism is a growing trend, financially motivated crimes remain the most common, in line with the global trend.

However, attacks on critical infrastructure and especially Industrial Control Systems (ICS) are particularly acute in the Americas, with hackers targeting widespread vulnerabilities in systems and exploiting lapses in security patching and password protection.

Trend Micro data shows that over a period of 28 days, 39 attacks from 14 different countries were recorded. Of those 39 attacks, 12 were unique and could be classified as “targeted” while 13 were repeated by several of the same actors over a period of several days. The report also found that file infectors are the most prevalent type of malware in Latin America and the Caribbean, pointing to a lack of user security awareness, unpatched OSes and use of insecure removable media.

When it comes to the cyber criminals themselves, those in the region are using free hosting services to launch their attacks, taking advantage of trial periods to launch short-lived but hard-to-trace campaigns. They’re also increasingly designing their own crimeware kits such as PiceBot and using social media as well as the usual IRC channels to advertise their wares and trade stolen data.

The report found the response from law enforcement and governments in the region uneven at best, with inexperienced police teams, poor legislation, limited sharing between governments and poor collaboration between all stakeholders adding to the problem.

However, governments are learning, and increasingly following the lead of the UK, US and others in drawing up cyber security strategies, creating CSIRTs and improving their response. In many cases the widespread publicity given to attacks, especially hacktivist threats, has galvanised efforts, although limited expertise remains a problem.

The report is packed with more information including several in-depth case studies detailing the situation in various OAS member states including Colombia, Argentina and Jamaica. It concludes by recommending increased efforts at raising awareness among users, CNI operators and government; greater investment in technical degree programs to raise cyber security skills levels; and strengthening of government policy.

The full report is available here, also visit our blog for more information.

 


About Trend Micro
Trend Micro Incorporated (TYO: 4704), a global leader in security software, strives to make the world safe for exchanging digital information. Our solutions for consumers, Trend Micro™ Smart Protection Network™ provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. Leveraging these solutions, organizations can protect their end users, their evolving data center and cloud resources, and their information threatened by sophisticated targeted attacks.

All of solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe.

For more information, visit www.trendmicro.com/en_gb/. Or follow our news on Twitter at @TrendMicroUK.