According to a survey by F5 Networks, Brazil is in seventh place in the ranking of cybercrimes with seven million attacks, while Argentina is in ninth place, with six million criminal actions. In addition, the study reveals that in the pandemic era, cybercriminals continue to scan remote access ports to break into businesses and governments.
F5 Networks, a company that works in solutions that guarantee the security and delivery of corporate applications, has announced the results of the Cyberattacks Targeting Latin America Survey, a report conducted by F5 Labs based on events during the months of January, February and April, 2021.
Headquartered in Seattle, USA, F5 Labs is a division of F5 Networks that works 24/7 to identify threats that affect companies around the world; the knowledge built by the F5 Labs experts is freely available on the portal. The study was carried out by the F5 Labs team of experts in conjunction with professionals from the US security company Effluxio.
The US leads the way as a point of origin for digital attacks against Latin America, with more than 50 million malwares sent in the first quarter of 2021. In second place comes Lithuania, followed by China, Russia, Germany and France. In seventh position as the main source of contaminated traffic is Brazil, with seven million malwares. Next come the Netherlands, Argentina – with six million attacks – and the UK.
Ewerton Vieira, Director of Engineering Solutions, F5 Networks Latin America, said: “These attacks can be of two types: DDoS or ransomware. In the case of ransomware, the attacks are often based on bots formed by thousands of digital devices such as Smart TVs and routers, equipment used in attacks without the owners of these devices knowing about it.”
Mexico’s digital gangs focus on the US
Countries with large populations which are intensely digitized, such as Brazil and Argentina, are ‘fertile ground’ for these two types of attacks. Mexico also fits these criteria, but, in Vieira’s view, most Mexican digital gangs prefer to focus their efforts on the US and not on other Latin American countries.
“This explains why Mexico does not stand out in the list of countries that most attack our region,” he said.
Experts from F5 Labs and Effluxio also analyzed the incidence of attacks focused on web pages.
“We tend to think that the Internet and the Web are the same thing – they aren’t. The Internet represents the way where IP traffic will pass. The web, heavily dependent on the browser, servers, the URL and the way in which the page was developed, is the platform that uses Internet routes,” said Vieira.
“Companies’ businesses are closely linked to their presence on the Internet through Web pages that serve as an interface for large corporate applications. For this reason, Web-focused attacks are more sophisticated and profitable than attacks against Internet infrastructure.
“Fraud actions against B2C or B2B transactional portals are advancing every day in our region.”
Chile leads attempts to invade web pages in the region
The F5 Labs study shows that Chile is the country in Latin America that makes more attacks against web pages – almost 24,000 hacking attempts in the first quarter of the year. Next comes Brazil, with 23,500 searches for breaches in web interfaces. Another highlight is Argentina, with 9,000, Colombia, with 5,500 invasion attempts and, finally, Panama with 1,200.
“These results prove that cybercriminals in these countries are dedicating themselves to more precise and more profitable actions,” said Vieira.
These attacks can be focused on unencrypted pages – written in the HTTP language – or on encrypted pages developed in HTTPS.
The growing use of encryption makes fighting digital intrusions even more challenging. Web checking to identify illegal traffic is a complex operation that requires solutions based on AI and ML to, in high-volume processing demands, separate the chaff from the wheat without, however, affecting the performance and UX offered by pages of Business-critical web sites in the region.
“In other words: HTTPS protects the company, but it can also protect the hacker,” said Vieira.
Pandemic increases incidence of attacks on remote access ports
The study by F5 Labs also analyzes the degree of vulnerability of communication ports for remote access.
“The pandemic changed the structure of ICT Security in our region overnight,” said Vieira.
“Companies and government agencies that were used to defending with excellence the traditional perimeter were forced to build remote access solutions that did not always follow the best cybersecurity practices.”
This reality meant that, in the first months of 2021, the communication ports for remote access continued to be scanned by digital gangs. One of the biggest targets is the VNC/RFB ports, which suffered 108 million hacking attempts in January, February and March this year.
The other most significant targets are SSH ports, with 46 million scans, Telnet, with 17 million intrusion attempts and RDP ports (Microsoft environments), with more than ten million scans.
In the view of Ewerton Vieira, the study by F5 Labs and Effluxio reveals the logic of digital crime concentrated in Latin America.
“It is clear that gangs continue to innovate and diversify their attack strategies, incessantly seeking profit opportunities,” said Vieira.
“The sustainable growth of our region’s digital economy depends on companies relying on knowledge and technologies that protect the environment against threats.”