(Q24N) Extensive reports have repeatedly underlined Latin America’s vulnerability to cybercrime, an Achilles’ heel which organized crime is already capitalizing on and that could develop into a serious security threat in the absence of robust countermeasures.
According to the Inter-American Development Bank (IDB), cybercrime cost Latin America $90 billion last year, out of a worldwide $575 billion. The cyber security company Norton previously evaluated the cost of cybercrime in 2012 at $8 billion for Brazil, $3 billion for Mexico and $464 million for Colombia.
Among the tools at criminals’ disposal are malware computer programs whose uses have expanded throughout the region. Citing a study by an online security company, the American Society’s Council of the Americas (AS/COA) reported that 50 percent of Latin American companies suffered malware attacks in 2013.
Not only has malware use been on the rise, the region’s first corporate espionage virus was detected in Peru in 2012, a program whose main purpose was to steal data such as industrial plans and designs. A 2013 report by Trend Micro Inc. that was sponsored by the Organization of American States revealed a growing trend of malwares being designed in Latin American countries.
Illegal botnets, which enable users to take remote-control of a computer without the owner’s consent, are one of the favorite tools among criminal hackers in the region. They accounted for nearly 50 percent of the cybercrime attacks in Latin America in 2013, according to the AS/COA, with 120,000 computers infected by just two of these botnets. The United Nations Office on Drugs and Crime has also reported a high proportion of command and control servers, which are used to manage illegal botnets, compared to the overall number of internet users in the Caribbean and Central America.
In addition, several techniques are widely used by Latin American criminals to trick their victims into communicating confidential information. Phishing is an example, whereby the victims respond to a seemingly legitimate email and give up their personal or bank information. An estimated $26 million a year are stolen from bank clients through phishing, according to AS/COA.
Spear phishing follows the same process but specifically targets organizations to gain access to their confidential data, and represents annual economic losses of $24 million.
A third popular scam is “pharming,” in which cybercriminals redirect internet users from legitimate websites to malicious pages. The financial losses from pharming amount to $93 million a year in Mexico alone.
Due to growing public awareness of these scam techniques and increased caution on the part of potential victims, criminals have adapted their methods to target social media users and smartphone owners. A 2013 study by the technology company Symantec saw an increase in fake offers on social media groups, fake “like” buttons dubbed “likejacking,” false smartphone applications and malevolent plug-ins.
Through “manual sharing scams,” social media users may actually be both a victim and unknowingly help the criminals by sharing the malignant video or fake message with their social media friends. The Symantec report notes that “users continue to fall prey to scams on social media sites, often lured by a fake sense of security conveyed by the presence of so many friends online.”
Criminals have also increasingly resorted to malware attacks against banks to compensate for victims’ growing caution with regards to their personal information and the banks’ efforts to implement phishing countermeasures. Criminals now attempt to steal the victims’ information by compromising their computer with a virus. They also directly attack banking systems before sending someone to collect the money from a counter, according to the Mexican cybersecurity company Mattica.
The 2013 Symantec study also explains that cash distributors have been targeted by “ATM Skimming,” a method which allows criminals to obtain the data of a withdrawal card used at the machine. More worryingly perhaps, the company discovered a malware in Mexico which had the potential to corrupt ATMs, forcing them to dispense cash upon activation by the criminal.
The finance and banking industry is among cybercriminals’ favored targets and has increasingly come under attack through techniques that differ from the usual aforementioned scams. The Financial Crimes Enforcement Network of the US Treasury Department observed increased occurrences in which criminals impersonate legitimate financial actors in order to conduct wire transfers after having compromised the victims’ email account. The magnitude of the fraud is significant; Treasury notes “that since 2013, there have been approximately 22,000 reported cases involving $3.1 billion.”
Beyond the vast profits these scams and malwares generate, internet and communications technology (ICT) has increasingly become an integrated tool for drugs, arms and human trafficking groups’ activities. Apart from using ICT for logistical purposes, it has become vital for criminal organizations looking to gain control of the profits earned from their illicit activities, which is becoming increasingly difficult as the financial sector increases its scrutiny of illicit cash flows.
The Association of Certified Financial Crime Specialists recently revealed that transnational organized crime (TOC) groups are increasingly exploiting corporate credit cards for business-to-business payments of “phantom shipments” between the United States and Mexico. Using the credit card of a front company in the US, criminals buy overvalued or non-existent products from Mexico. The drug money earned in the US is then laundered by entering the legal market in Mexico.
The issue of cybercrime in Latin America is magnified by the states’ vulnerability in that domain, which led the IDB to issue “a call for action to start taking the necessary steps to protect this 21st century key infrastructure” in a March 2016 report. Citing this study, Info Week reported that 80 percent of Latin American countries are without a national cybersecurity strategy to protect key infrastructure, 50 percent lack a coordinate response mechanism and only one-third possess a command and control center to tackle cybersecurity threats.
Another vulnerability is the slow legal response on the part of many countries to cybercrime, which the IDB report assesses. While certain countries such as Colombia and the Dominican Republic have managed to develop relatively strong legal frameworks, the study points out widespread weaknesses in the indictment procedures for such crimes.
InSight Crime Analysis
Although estimates vary, the sheer amount of money lost to cybercrime in Latin America every year is so high that there is considerable urgency for countries to step up their efforts, both legal and technical.
As AS/COA notes, most of the countries in the region have undertaken significant steps to strengthen their legislation and cybersecurity agencies, but the speed with which technology is developed or exploited in new, malicious ways requires constant vigilance and adaptation on behalf of both the authorities and private entities.
Beyond the struggle against financial cyber theft, developing stronger cybersecurity measures could also deal a serious blow to TOC involved in various kinds of illicit trafficking. There is a general trend of increased scrutiny of the financial sector aimed at detecting illicit or suspicious transactions in Latin America and the United States. The Panama Papers is an emblematic example of how this scrutiny can tell us more about aspects of TOC’s money laundering operations, and how cybersecurity could eventually allow for better policies and strategies to target a key component of criminal structures, namely their finances.
But perhaps the most urgent action that needs to be taken is the protection of vital infrastructure, as called for by the 2016 IDB report. Just as certain criminal groups have gained military capacity over the years, both in terms of training and equipment, it is not far-fetched to imagine TOC groups gaining the ICT that they need to rival government security institutions. Last year, Mexican cartels were able to interfere with the GPS of US border patrol drones, successfully sending the unmanned machines away from their designated monitoring area. Given the speed with which these technologies evolve, that will unlikely be the last — or the most damaging — example of how TOC uses cybercrime to facilitate its assorted criminal activities.