Inadequate cyber resources have made Latin American countries attractive targets for ransomware attacks, CyberScoop
Latin American governments have been facing a "sustained increase" in database leaks and initial access sales since March, with most ransomware threat actors likely leveraging compromised credentials and session cookies as vectors for their attacks, a report from Recorded Future's Insikt Group revealed.
"We have also identified a significant increase in Q1 2022, beginning in February 2022, of references to domains owned by government entities in [Latin America] on dark web shops and marketplaces such as Russian Market, Genesis Store, and 2easy Shop, relative to the same time period in 2021," researchers said.
The report highlighted the Conti ransomware attack against Costa Rica
in April, which was found to be associated with a subsequent intrusion against Peru's intelligence agency the following month.
"Ransomware will likely continue to be incorporated into the attack methods of threat actors targeting public and private entities in [Latin America] due to their availability as ransomware-as-a-service (for non-technical threat actors) and highly successful infection rates," added researchers.