Jamaica received 43 million attempted cyberattacks in 2023, according to data from FortiGuard Labs, Fortinet’s threat intelligence and analysis laboratory. 

The Latin American and Caribbean region suffered 200 billion attempted attacks in 2023, accounting for 14.5% of the total reported globally last year. Mexico, Brazil, and Colombia were the Latin American countries with the highest cyber-attack activity in 2023. 

Compared to the previous year (360 billion attempted cyberattacks in 2022), this figure is quite lower, but that is not necessarily good news. As FortiGuard Labs has been reporting, this is a global trend as there are fewer massive attacks and a greater volume of unique exploits and new malware and ransomware variants that are much more targeted. In short, fewer attacks are designed for specific targets, making them more sophisticated and more likely to succeed if organisations do not have integrated, automated, and up-to-date cybersecurity defences. 

Other aspects from Fortinet’s FortiGuard Labs 2023 report:

• Ransomware continued to have significant activity in 2023. While detections may have decreased in volume, this trend supports what FortiGuard Labs has seen in recent years: ransomware and other attacks are becoming increasingly specific and targeted, thanks to the growing sophistication in attackers’ tactics, techniques, and procedures, and their desire to increase ROI per attack. This phenomenon underscores the importance of remaining vigilant and strengthening defenses against potential targeted attacks.

• During 2023, there was a notable presence of threats linked to Microsoft Office applications. Although many of these threats already have their remediation signatures, the persistence in their detection suggests that attackers continue to find utility in their exploits, as many organizations’ systems have not been patched or updated. An example is FortiGuard Labs’ recent discovery of a phishing campaign distributing a new variant of the Agent Tesla malware. This well-known malware family uses a remote access trojan and data stealer to gain initial access. Cybercriminals often use it to deliver malware as a service (MaaS).

• By 2023, malware distribution through Microsoft Office files, such as Excel, Word, and PowerPoint, has accounted for almost 50% of malware detections. Therefore, it is recommended to implement awareness strategies among employees and use controls such as Antispam, Antimalware, and EDR, among others, to effectively detect and mitigate this malicious activity.

• Prometei, a malware that can remotely control infected machines, has experienced a notable increase in activity in Latin America and the Caribbean during 2023, with Panama and Ecuador as the countries with the highest activity detected. Not only does Prometei have the ability to spread laterally across networks, steal password credentials, and execute arbitrary commands, but it can also download and execute additional malicious components. Furthermore, it has the capability to perform cryptocurrency mining and update automatically.

• As in previous periods, the Double Pulsar exploit continues to top the list as the predominant vulnerability in virtually all Latin American and Caribbean countries, accounting for 75% of all malicious activity detected in the last quarter of 2023. Since this threat was identified long ago and has its remediation signatures, this phenomenon highlights the critical need to update systems and implement the recommendations of cybersecurity vendors.

• There was an exponential increase in malicious activities detected in Mexico during the fourth quarter of 2023, experiencing a staggering growth of 950% compared to the previous year. This phenomenon is primarily linked to a notable increase in reconnaissance tactics actively seeking out exposed systems using the SIP protocol for Voice over Internet Protocol (VoIP) calls, providing remote attackers the ability to gather sensitive information or even gain access to vulnerable systems.

Disrupting cybercrime requires a comprehensive approach

In this context, organizations must be more prepared than ever by including cybersecurity as part of their business strategy. A comprehensive platform integrates networks and security to simplify operations, utilizing AI automation to ease IT burdens. It facilitates real-time monitoring, detection, and isolation of intrusion attempts, preempting threats before and after they breach the network.

As a leader in enterprise-class cybersecurity and networking innovation, Fortinet helps protect over 700,000 organizations worldwide, including global enterprises, service providers, and government organizations. It is noteworthy that Fortinet’s ongoing development in artificial intelligence (AI) applied to cybersecurity use cases, both in FortiGuard Labs and in the product portfolio, is accelerating prevention, detection, and response.