In 2022, the volume of digital threats detected and blocked in Brazil fell to pre-Covid-19 pandemic levels. The decline, experts point out, comes from a scenario with companies better prepared to defend themselves, but also from more selective criminals and more costly attacks.
Survey carried out by Kaspersky, a company specializing in cybersecurity, at the request of Sheetshows that detections of malware (malicious programs) were down 12% year-over-year.
The drop follows a surge in cybercrime, which has taken advantage of vulnerabilities created by a world that has become more online overnight due to restrictions imposed by the coronavirus.
One threat that has exploded in recent years is ransomware. In this modality, criminals block data and systems, such as computers and other digital machines, and charge a ransom to restore access. Practice yields millionaire amounts to criminals.
Even with the retreat, Brazil remains one of the main affected by cyber threats in the world. The MIT Technology Review’s 2022/23 Cyber Defense Index ranks the country 18th among G20 members.
In 2022, some of the world’s leading ransomware groups have shifted some of their focus from wealthier locations and to companies and government entities in developing countries. In Colombia, for example, the Kaspersky survey points to an increase of 70%.
An attack by the Russian group Conti on the Ministry of Finance in Costa Rica, in April, caused millions in damage and impacted systems in the country for months. It even paralyzed imports and exports in the country.
“The US government has tried several times to pass laws to prevent the payment of the ransom and to control payments via cryptocurrencies”, says Fabio Assolini, director of Kaspersky’s research team for Latin America. With revenue at risk of being stifled, hackers had to look elsewhere.
Despite the jump noted in some countries, the general trend, including in Brazil, is for a lower volume of attacks. Around here, the analysis points to a 35% drop in ransomware attempts. The number of victims impacted remained stable at 30,000.
This happens because, with the maturation of this type of attack, criminals are more selective with their targets: they prefer to spend energy on those that will give more financial return instead of shooting everywhere.
There is also an evolution of defenses, which happen at many layers, including best practices in user awareness, managing who has access to what, and better monitoring what is done with company data. With this, it may be that viruses are contained before they even cause any impact.
“Having a well-implemented security posture has reduced the main types of attacks”, says Roberto Engler, security leader at IBM Brazil. “We clearly see a decrease in more mature markets, with more investment.”
Engler warns of diversification in targets. “The paradigm that only large companies are attacked is no longer true. The parameter used by criminals is no longer the size of the company, but how much it is willing to pay”, he says.
A survey by Redbelt Security, a cybersecurity consultancy, shows a 96% increase in new ransomware variants detected in 2022 compared to 2021. “This growth is due to more attackers using ransomware-as-a-service (RaaS)”, says Eduardo Bernuy Lopes, CEO of the company.
RaaS has emerged as a trend with the increased professionalization of ransomware attacks. With it, criminal groups specialize in providing the viruses and infrastructure for third parties to carry out criminal attacks. That is, an employee, even with little technical knowledge, can buy a pre-made one with everything he needs to try to extort his employer with a cyberattack, for example.
Ransomware is often associated with double extortion tactics, in which criminals charge to restore victims’ systems and not leak data stolen during the onslaught.
A study by IBM shows that, in 2022, the cost of data leaks reached the highest value in history in Brazil, with each breach generating an average loss of BRL 6.45 million.
The same analysis points out that, on average, it is better to follow the recommendation of authorities (such as the FBI, US federal police) and not pay ransoms. On average, the cost per leak drops by U$630,000 (R$3.2 million) when the criminals’ requests are met, but the amounts demanded by kidnappers are higher —passing from U$800,000 (R$4.1 million ).
The high figures can make access to insurance against digital incidents more expensive. To the Financial Times, Mario Greco, CEO of Zurich, stated that cyber could become “uninsurable”.
An old acquaintance in the world of digital threats, phishing remained high in 2022. The practice, which consists of using false content via email, websites or applications to, mainly, steal information, was 27.5 million blocks in Brazil in 2021 to 54.5 million last year, according to Kaspersky’s survey.
“This is always one of the main attack vectors,” says IBM’s Engler. “And it’s extremely simple, often fought with education, teaching people not to click on suspicious email.”
In banking trojans, viruses designed to steal financial information, a 10% drop in Brazilian computers was detected. Specialist Fabio Assolini attributed the decrease to a shift in the focus of criminals operating in the country, who began targeting targets on other continents.
I have worked in the news industry for over 10 years and have been an author at News Bulletin 247 for the past 5 years. I mostly cover technology news and enjoy writing about the latest gadgets and devices. I am also a huge fan of music and enjoy attending live concerts whenever possible.