Cybersecurity has become essential throughout the world, and Latin America is no exception to this reality. According to the IBM X-Force Threat Intelligence Index 2024 report, the region was the fourth most attacked in 2023, accounting for 12 percent of incidents worldwide.
State-sponsored cyberattacks are a leading cause of concern among government entities, with ransomware, trojans, and spam among the top three areas of concern.
Chinese hackers - GettyImages
Brazil led with 68 percent, Colombia stood out as the second most affected country with 17 percent, maintaining its 2022 position, followed by Chile with eight percent, IBM specified. The attacks were mainly aimed at exploiting public applications as the initial access vector, followed by phishing, and the use of valid accounts.
Most of the attacks come from China and Russia and seek to steal and hijack data and personal information, said Jean Reyes, of Honduran technology firm GBM. “In the next few years, a cyber event of great magnitude could happen, due to global geopolitical instability,” Honduran newspaper La Prensa reported.
“As part of the technological deployment, Chinese companies such as Huawei, ZTE, Xiaomi, and TikTok and online stores of Chinese origin are involved in collecting user data, which they share with the Chinese government,” Víctor Ruiz, founder of the SILIKN cybersecurity center in Mexico, told Diálogo on March 5. “This poses significant risks in terms of privacy and information security.”
Chenlun
In Chile, more than 740,000 cyberattacks were recorded in 2023, most of them attributed to Chinese hackers, Chilean daily El Mostrador reported. These attacks, carried out by groups such as China-backed APT40, Volt Typhon, and Dalbit, are increasing in frequency and sophistication, affecting servers and personal devices, generating data loss and infiltrating banking and government institutions.
Twoko, a Chilean digital security laboratory, reported an increase in scams via text messages, simulating package delivery problems in Chile, with the impersonation of shipping companies such as Correos de Chile or Chilexpress to obtain bank details, the Center for Investigative Journalism (CIPER) in Santiago de Chile, indicated on February 14.
According to CIPER, this practice combines traditional phishing with SMS messages to obtain users’ confidential data. After tracing dozens of numbers that sent these messages and the web page addresses that appear in them, Twoko detected that a Chinese network sells packages to carry out this crime through Telegram.
When analyzing the site’s source code, Twoko said, they found comments in Chinese and the name “Chenlun.” The identification of @chenlun led to Telegram channels, where phishing packages are sold, revealing a network behind these SMS campaigns.
“In the case of SMS, it highlights that China does not face language issues and although some messages may have errors, many are identical to legitimate ones,” Ruiz said. “This suggests that fraudsters continue to adapt, employing various tactics such as phishing, malicious emails, and fake messages.”
Chenlun’s activities highlight the sophistication and seriousness of today’s cyberthreats, CIPER noted. “Through these actions, fraudsters can identify the user’s work location and target specific attacks, such as obtaining confidential company information,” Ruiz said.
“In addition, Chinese hackers take advantage of international news, from political events to sporting events, to send malicious messages,” Ruiz added. “This pattern is not new, as China has constantly sought to insert itself in Latin American countries.”
Under the table
China consistently rejects most accusations of hacking by Western governments and private cybersecurity firms, NBC reported. “Although the Chinese government denies knowledge of these criminal groups, they receive under the table government support, while their actions benefit the government, even if it does not officially recognize them,” Ruiz said.
“In Latin America, cybersecurity awareness is low and perceived as a passing fad. It is essential to understand that it is a critical issue. All companies must take proactive measures and implement sound cybersecurity practices,” Ruiz added. “In addition, more education is needed for users to protect their online data.”
“It is essential that governments in the region collaborate with the private sector and other relevant actors — such as the United States — to effectively address messaging scams, cyber hijacking, and artificial intelligence abuse, to counter the increasingly sophisticated tactics employed in cyberattacks,” Ruiz concluded.
Comments