Latin America's Cyber Maturity Lags Threat Landscape - Dark Reading

Threat IntelligenceCyber RiskCybersecurity OperationsCyberattacks & Data BreachesNewsBreaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia PacificLatin America's Cyber Maturity Lags Threat LandscapeThe slower pace of upgrades has the unintended impact of creating a haven for attackers, especially for initial access brokers and ransomware gangs.Alexander Culafi,Senior News Writer,Dark ReadingFebruary 20, 20264 Min ReadSource: Ivan Tsyrkunovich via Alamy Stock PhotoAlthough Latin American countries have made major strides toward cybersecurity maturity, sluggish progress and an aggressive cybercrime ecosystem present challenges ahead for the region.Intel 471 this week published a report detailing Latin America's cyber threat landscape, synthesizing data collected during 2025. Broadly speaking, the report references increasing security maturity for the region — citing a December 2025 report from the Organization of American States (OAS) attesting to this — while observing an increasingly hostile threat landscape. For example, Intel 471 reported more than 450 ransomware breach events in the region last year, marking a 78% increase over 2024. Furthermore, researchers tracked more than 200 initial access brokers targeting Latin American entities, multiple advanced persistent APT clusters around the world, and at least 119 hacktivist groups in 15 countries across the region. Related:Russia's Forest Blizzard Nabs Rafts of Logins via SOHO RoutersThe OAS report cited increasingly complex digital threats in the region, as well as a wide variance in security posture that's echoed in Intel 471's findings. Member states vary in areas such as software assurance, critical infrastructure protection, and cyber insurance adoption. "Despite growing awareness of cyber risk, structural challenges persist across the region, including limited cross-sector collaboration, shortages of skilled cybersecurity professionals, and inconsistent budget allocation," the report read. "These constraints continue to impede the development of sustainable cybersecurity maturity. As governments and critical sectors further integrate digital services and infrastructure, cybersecurity has transitioned from a technical concern to a strategic priority for Latin America."Latin America's Intensifying Threat LandscapeAlthough the threat landscape is always heating up in one way or another, Intel 471 said Latin America "has recorded the fastest global growth in disclosed cyber incidents, with reported activity increasing at an average annual rate of about 25% over the past decade." The first quarter of 2025 alone saw a 108% year-over-year increase. Latin American organizations face 2,640 cyberattacks per week, on average, compared to the global average of 1,955. "This escalation is largely attributed to rapid digitalization, persistent security gaps in cloud environments, and the increasing use of artificial intelligence (AI) to scale, automate, and enhance cyberattacks," the report read.The region saw some particularly devastating cyberattacks. In June, Brazil financial technology provider C&M Software was compromised in an attack originating from insider access credentials. Exploitation of its systems resulted in the diversion of 800 million Brazilian reals (approximately $148 million) from eight financial institutions. The DragonForce ransomware group claimed another attack against C&M later in the year. This was reportedly the largest ever cyberattack against Brazil's financial system.Related:Iran Hacktivists Make Noise but Have Little Impact on WarAlso in June, the Brigada Cyber PMC data extortion threat group "claimed to have stolen more than 7 million records containing personally identifiable information (PII) of Paraguayan citizens from three Paraguayan government systems." Attackers demanded a ransom of approximately $7.4 million, which researchers observed was $1 for each of the country's citizens. Brazil was the most targeted country in multiple categories highlighted in Intel 471's report, which makes sense, as it is, by far, the most populated country in Latin America. Brazilian entities accounted for 30% of ransomware and extortion attacks tracked in the report, followed by Mexico at 14% and Argentina at 13%. The most targeted sectors were consumer and industrial products; followed by energy, natural resources, and agriculture; and professional services and consulting.Related:EU Sanctions Companies in China, Iran for CyberattacksBroadly speaking, social engineering primarily enabled financial fraud in the region last year, with email and SMS phishing the most common mechanisms. Fraudulent call centers were also widespread, "redirecting victims to resolve fabricated e-commerce transactions, payment disputes, or alleged delivery issues." Instant messaging platforms like WhatsApp were also commonly used to impersonate financial institutions, logistics firms, and contacts. An Uncertain Cyber Future for Latin American Member StatesIntel 471 summarized its report by saying the territory's rapid digitalization outpaces its security maturity. "As a result, the region has evolved into not only a high-value target, but increasingly also a central hub for cybercriminal activity, with reported incident volumes and attack frequencies exceeding global averages across multiple open source datasets," researchers said. Moreover, as a hub for cybercrime, attackers have begun to scale schemes tailored for local organizations and reuse them against North America and Europe. This reflects increasing maturity for its cybercriminal ecosystem, Intel 471 said, and limited disruption efforts mean there are banking Trojans that have been operational for more than a decade. In the short term, the researchers' broad assessment was not optimistic. "Looking ahead, we assess that meaningful risk reduction is unlikely in the near term," Intel 471 said. "The development, harmonization, and enforcement of national cybersecurity policies and legislation remain slow-moving processes, while cybercriminal innovation continues at a faster pace — especially in the era of AI," the researchers wrote. "Absent significant improvements in regulatory enforcement, public-private cooperation and regional information sharing, Latin America is likely to remain both a primary operating environment and an export hub for financially motivated cybercrime over the coming years."Read more about:DR Global Latin AmericaAbout the AuthorAlexander CulafiSenior News Writer, Dark ReadingAlex is an award-winning writer, journalist, and podcast host based in Boston. After cutting his teeth writing for independent gaming publications as a teenager, he graduated from Emerson College in 2016 with a Bachelor of Science in journalism. He has previously been published on VentureFizz, Search Security, Nintendo World Report, and elsewhere. In his spare time, Alex hosts the weekly Nintendo podcast Talk Nintendo Podcast and works on personal writing projects, including two previously self-published science fiction novels.See more from Alexander CulafiWant more Dark Reading stories in your Google search results?Add Us NowMore InsightsIndustry ReportsAI SOC for MDR: The Structural Evolution of Managed Detection and ResponseHow Enterprises Are Developing Secure ApplicationsKuppingerCole Business Application Risk Management Leadership Compass2026 CISO AI Risk ReportQKS AI Maturity MatrixAccess More ResearchWebinarsDefending Against AI-Powered Attacks: The Evolution of Adversarial Machine LearningZero Trust Architecture for Cloud environments: Implementation RoadmapTips for Managing Cloud Security in a Hybrid Environment?Security in the AI AgeIdentity Maturity Under Pressure: 2026 Findings and How to Catch UpMore WebinarsEditor's ChoiceCybersecurity OperationsRSAC 2026: AI Dominates, But Community Remains Key to SecurityRSAC 2026: AI Dominates, But Community Remains Key to SecuritybyKristina Beek,Rob WrightApr 2, 2026Want more Dark Reading stories in your Google search results?2026 Security Trends & OutlooksThreat IntelligenceCybersecurity Predictions for 2026: Navigating the Future of Digital ThreatsJan 2, 2026Cyber RiskNavigating Privacy and Cybersecurity Laws in 2026 Will Prove DifficultJan 12, 2026|7 Min ReadEndpoint SecurityCISOs Face a Tighter Insurance Market in 2026Jan 5, 2026|7 Min ReadThreat Intelligence2026: The Year Agentic AI Becomes the Attack-Surface Poster ChildJan 30, 2026|8 Min ReadDownload the CollectionKeep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.SubscribeWebinarsDefending Against AI-Powered Attacks: The Evolution of Adversarial Machine LearningMon, May 11, 2026 at 1:00pm ETTips for Managing Cloud Security in a Hybrid Environment?Thurs, May 7, 2026 at 1pm ESTZero Trust Architecture for Cloud environments: Implementation RoadmapTues, May 12, 2026 at 1pm ESTSecurity in the AI AgeTues, April 28, 2026 at 1pm ESTIdentity Maturity Under Pressure: 2026 Findings and How to Catch UpWed, May 6,2026 at 1pm ESTMore WebinarsWhite PapersHow Sunrun Transformed Security Operations with AiStrikeAutonomous Pentesting at Machine Speed, Without False PositivesBest practices for incident response planningIndustry Report: AI, SOC, and Modernizing CybersecurityThe Threat Prevention Buyer's Guide: Find the best AI-driven threat protection solution to stop file-based attacks.Explore More White PapersBlack Hat Asia | Marina Bay Sands, SingaporeExperience cutting-edge cybersecurity insights in this four-day event featuring expert Briefings on the latest research, Arsenal tool demos, a vibrant Business Hall, networking opportunities, and more. Use code DARKREADING for a Free Business Pass or $200 off a Briefings Pass.GET YOUR PASSGISEC GLOBAL 2026GISEC GLOBAL is the most influential and the largest cybersecurity gathering in the Middle East & Africa, uniting global CISOs, government leaders, technology buyers, and ethical hackers for three power-packed days of innovation, strategy, and live cyber drills.📌 Book Your Space