Latin America governments are prime targets for ransomware due to lack of resources, analysis argues

Written by
Jun 16, 2022 | CYBERSCOOP

Some Latin American countries may present as easy targets for ransomware attackers due to a general deficit of cyber resources, specifically education, hygiene and overall infrastructure, an analysis from Recorded Future’s Inskit Group said Thursday.

The situation in many of these countries is such that ransomware attacks on local, provincial or federal government entities “could constitute a credible national and geopolitical security risk,” the researchers conclude.

A definitive attack vector could not be assessed in each case. But the “most likely” avenue in many of the cases was some combination of compromised valid credential pairs and session cookies, which are harvested from a successful infostealer infection and sold by initial access brokers on dark web forums, the researchers said.

Anecdotal observations by Recorded Future reflect a “minor” but “sustained increase” in references to initial access sales and database leaks related to Latin American governments starting in around March 2022, the researchers note.

“We have also identified a significant increase in Q1 2022, beginning in February 2022, of references to domains owned by government entities in [Latin America] on dark web shops and marketplaces such as Russian Market, Genesis Store,

Read More: https://www.cyberscoop.com/latin-america-ransomware-recorded-future/