Cyber attackers increasingly target Latin America

September 13, 2016

Despite its place among the so-called BRIC emerging economies, Brazil continues to be plagued by a number of integrity and compliance issues. Although the country and indeed the Latin American region as a whole can now boast hosting a growing presence of high profile firms in the energy and manufacturing sectors, they are also becoming increasingly notorious for data breaches. As such, it is vital that organisations in the region, as well as those looking to establish offshore branches, beef up their data security controls.

The number of ransomware attacks on organisations in the region is rising, with approximately 30 percent of emails received by Latin American users having content that could potentially initiate some kind of security breach. Hackers are now shifting away from using typical Trojan malware to obtain sensitive information, and moving more towards infecting computer systems and requesting the payment of Bitcoins in order to regain access.

Cyber criminals in Latin America are also able to create a virus locally instead of purchasing it from Russian developers, according to Kaspersky Lab during a conference held in Mexico.

Jackpotting is another method used by offenders to drain all of the money in ATMs within minutes, representing a particularly grave threat. Groups are able to gain access to a bank’s network through employees, contractors or outsourcing service providers.

There is therefore a need now, more than ever before, for companies to ensure that suppliers are taking extra precautions, as the techniques of committing data intrusion become more sophisticated and dangerous. The risks associated with data security can best be managed through ensuring that the data processor engages in best practices for data management and data security. Policies, procedures and security programmes need to be reviewed and tested with intrusion attempts and other means to ensure their efficiency.

Furthermore, public and private organisations should also self-report incidents of cyber threats to authorities as soon as they occur, even if they are seen as minor and unimportant.

Previous Article
Letter from the Editor in Chief
Letter from the Editor in Chief

Dear Valued Compliance Insider® Reader, as you know, Compliance Insider® is a part of The Red Flag Group an...

Next Article
Reputational benefits of security compliance should be sufficiently persuasive
Reputational benefits of security compliance should be sufficiently persuasive

February’s high profile US$81 million heist on Bangladesh Bank revealed that weak security measures made it...

Do your suppliers meet the expectations of your integrity & compliance programme?

Tell me more