Caribbean faced 144 million cyberattack attempts in 6 months

One of the biggest lessons learned during this covid19 pandemic is technology can be everyone’s ally or be someone’s enemy.

The pandemic accelerated the adoption of technology, digitalisation, as well as the automation of processes and tasks within business, industrial and service sectors. However, there were alerts for cybercrimes, which, according to data, increased 600 per cent during this health emergency.

In an interview with Infobae, a worldwide Spanish-language online newspaper, technology company IBM noted that the average cost of a data breach of a company in 2022 was US$2.09 million. This represents an increase of 15 per cent in comparison to what was registered in 2021. However, this is not the only variation recorded. In the Latin America Outlook report prepared by IBM, it noted that 60 per cent of the companies increased the price of their services following a data breach.

Other data reveal that the Latin American and Caribbean region suffered 137 billion attempted cyberattacks between January and June 2022. This is an increase compared to the same period in 2021. In addition to the extremely high numbers, the data reveal an increase in the use of more sophisticated and targeted strategies, such as ransomware. During the first six months of 2022, approximately 384,000 ransomware distribution attempts were detected worldwide. Of these, 52,000 were destined for Latin America.

It is estimated that in 2021 there were 289 billion cyber threats that affected Latin America, which means that each of the 667 million inhabitants has been subjected to or an average of 433 attacks in the year (more than one per day).

In the first half of 2022, the Caribbean experienced 144 million cyberattack attempts, with ransomware being the most common breach. TT was among the Caribbean countries that experienced such attacks. Last year, the TT Cybersecurity Incident Response Team (TT-CSIRT) of the Ministry of National Security reported a significant increase in attacks, especially ransomware. One of the most high-profile cases was the attack that forced Massy Group, one of TT's largest suppliers of consumer goods and pharmaceuticals to close its stores. Hackers froze the supermarket chain's system and extracted approximately 216 gigabytes of data.

"These cyberattackers take advantage of system vulnerabilities and in many cases not only affect data centers or databases, but also any system or equipment connected to an internet connection network or cloud," said Jaime Reinoso, South English Caribbean territory manager at Schneider Electric.

Cybercrime is constantly evolving. Attackers are attentive to the latest trends and technologies to hook the largest number of victims with attacks that often involve various actions and seek to make at least one successful. In addition, they have gone from being basic and massive to more complex and selective, which shows that cybercriminals are fine-tuning their tactics and procedures to be more efficient with their goal. "In the last two years, companies across all industries have migrated a lot of their processes, equipment, machinery and maintenance controls to intelligent systems connected to the Internet of Things (IoT), to cloud networks, interconnecting and digitising. However, when making this migration, parameters and security systems must be taken into account to prevent an attacker from taking advantage of these multichannel platforms," Reinoso said.

Sectors at risk

In 2022, for the first time, a group called Conti managed to paralyse the financial operations of Costa Rica, causing the country to declare a national emergency. At first it was about financial operations, but the attacks spread quickly, and at the end of May the group repeated and attacked the social security box through the Hive ransomware. The estimated cost of this crisis was estimated at US$38 million per day.

Healthcare providers and hospitals have long been a prime target. In January 2022, the International Red Cross was the victim of a cyberattack in which 500,000 people receiving services from the Movement were affected. Meanwhile, in France, on August 22, 2022, the Corbeil-Essonnes hospital saw a part of its data hacked on the darknet and the Consorci Sanitari Integral (CSI), which includes several health centres in Barcelona, was hit by a cyberattack in October 2022.

"It is important to bear in mind that the systems of, for example, a bank, are not the same as those of a hospital, in which the monitoring of equipment becomes lighter and, therefore, an opportunity for the attacker, who will not go after the equipment but rather after the software that controls it. By having access to a shared network, it can enter through that software and reach databases or sensitive information, as well as control the operation of the equipment and even interrupt its operations," explained Reinoso.

For this, Schneider Electric, a leader in digital transformation of energy management and automation, has several solutions through EcoStruxure, which offers end-to-end protection through the monitoring and protection of equipment and systems connected to it regardless of their software. EcoStruxure is Schneider Electric's open, interoperable, IoT-enabled systems architecture and platform. It powers advances in the areas of IoT, mobility, sensing, cloud environments, analytics and cybersecurity to deliver innovation at every level.

The architecture includes connected products and control at the edge of the network, as well as applications, analytics tools, and services. EcoStruxure has been deployed in more than 450,000 locations, with the assistance of 9,000 system integrators, and connects more than one billion devices.

"EcoStruxure IT makes a total control of the operation of the company, plant or factory, if there is a computer with vulnerability, the same platform detects it and can turn it off to avoid a risk, for example. It not only protects at the software level but also those processes that have electromechanical components or systems where the platform is interconnected and performing constant monitoring intelligently to avoid a risk to the operation of the company, "concluded the executive.

As part of Schneider Electric's cybersecurity strategy for all companies, the following must be taken into account:

￭ Identification of business risks related to cybersecurity based on a potential impact assessment. This includes an assessment of potential vulnerabilities and attack vectors and the definition of a remediation approach (which may encompass technologies, processes and people) for the identified critical business risks.

￭ Implement targeted and differentiated protection for the most sensitive corporate assets by ensuring the right organization, technology and people are in place to avoid any lasting impact on business continuity or quality of service provided to customers.

￭ Implementation of internal cybersecurity capabilities to mitigate identified vulnerabilities.

￭ Implementation of frequent third-party security ratings and assessments. Additional internal vulnerability assessments and drills are also conducted, especially for the most critical sites (ie, global supply chain and research and development).

The above article is courtesy Schneider Electric.