Cyber threats in Latin America are increasingly directed at government systems, exemplified by disruptive incidents in Puerto Rico and a marked rise in attacks targeting Colombia’s health sector.
Government organizations throughout Latin America and the Caribbean are confronting a significant increase in attacks on critical agencies, surpassing the global average. Notable incidents include attacks on Colombia's national health agency, potential breaches of Puerto Rico's transportation department, and a wave of AI-assisted hacking aimed at Mexico's governmental structures.
In March alone, organizations in Latin America experienced approximately 3,050 cyberattacks each week, a stark contrast to the global average of just over 2,000 weekly incidents, according to data from Check Point Software Technologies. Government agencies are particularly vulnerable, facing nearly 4,200 attacks weekly—about a thousand more than the average across all sectors, as observed by Angel Salazar, security engineering manager for Check Point in the Latin American region.
"Government networks are characterized by constant exposure due to public services requiring uninterrupted operation, legacy systems that are difficult to overhaul, and a transient user base," Salazar explains. "This environment creates a persistent attack surface, rather than sporadic threats."
March was notable for a series of breaches impacting the region. Early in the month, a collective of hacktivists infiltrated at least nine Mexican government agencies, utilizing advanced AI systems and likely compromising over 195 million identities and tax records. Colombia's health ministry, known as the Superintendencia Nacional de Salud (Supersalud), recorded over 23 million cyberattacks and probes during March, responding to reports of a hacking incident. Additionally, Puerto Rico's Department of Transportation ceased the issuance of driver's licenses following a cyberattack that, while unsuccessful, raised significant concerns.
While many attacks are carried out by financially driven criminals, Camilo Gutierrez, field CISO for cybersecurity firm ESET in Argentina, notes that nation-state espionage and politically motivated hacktivism are becoming increasingly relevant threats.
"In the day-to-day operations of government entities in Latin America, criminal activity remains the most likely risk; however, for strategic planning, the likelihood of state-sponsored or hybrid threats should be taken seriously," Gutierrez adds.
Overall, Latin America has shifted from a secondary target for cybercriminals to one of the most targeted regions globally. Government agencies remain among the prime focuses of these attacks, underscoring systemic vulnerabilities within the region. Email continues to be the primary vector for these cyber threats, accentuating the critical need for robust cybersecurity strategies across the continent.
Share this story