The latest report from Fortinet: FortGuard’s Latin American Ransomware Attack Reports has released some interest insights about the ransomware strains, especially how they operate in the Latin America. The survey which observed cybercriminal activities in 2018, describes the frequency—the rate of ransomware attacks—in the South American digital space.
The country which had to bear the brunt of most of these attacks is Mexico. The report revealed that about 60% of the cybercriminals picked Mexican users as their victim, thereby making the country the primary target of the online world in Latin America. The number of attempts in Mexico is massive: 21,000—number of times the malware were detected through ransomware removal tools. These statistics indicate that on average, 57 attempts are being made to infiltrate PCs in Mexico.
Chile followed Mexico as the second most targeted country. From the remaining 40% attacks, almost 34% were done against the Chilean cyberspace. This means that almost all the cybercriminal activities in South America, (94%) is directed at Mexico and Chile. However, there have been some cases in other South American countries like Brazil, Panama, Puerto Rico, Peru, Argentina, and Dominican Republic
Ransomware attacks first reached a new high in 2017. In 2017, the detected instances of ransomware reached broke records. Moreover, that year also marked the influx of not only new ransomware but also introduced variants—improved versions of older ransomware. One of the most dangerous among these ransomware was the WannaCry Ransomware. As the name suggests, it did become the source of tears for many as the ransomware embarked on a global quest to wreak havoc on governments, businesses, and individuals alike with unprecedented power and expertise.
The report noted that WannaCry still remains a top threat and was indeed the most active of the South American cyberthreats in 2018. One-fourth of each ransomware attack in Latin America was discovered to be the nefarious mechanisms of WannaCry Ransomware.
Other threats in the region included two more familiar names: Dharma and CrySiS Ransomware. Dharma and CrySiS Ransomware remain on the radars of cybersecurity professionals since a long time. Their credentials are easily available from underground hacking forums. When a Dharma or CrySiS perpetrator enters into a PC of a victim, then they are able to create a blueprint from the hard drive of the victim and are easily able to transfer malicious components to their PCs.
The success of these powerful but older ransomware means that the region requires the need of improved cybersecurity so these attacks can be at least minimized if not completely wiped out through the use of latest ransomware removal tools.