Symantec and the Organization of American States (OAS) Secretariat of Multidimensional Security (SMS) and the Inter-American Committee against Terrorism (CICTE) released a report analyzing cybersecurity trends and government responses in Latin America and the Caribbean.

The co-sponsored report explores various cybersecurity trends including the overall increase in data breaches:

Rise of Ransomware and Cryptolocker

ATM Fraud

Social media and mobile computing vulnerabilities

Malware

Spam

Spear phishing

As opposed to other threat reports on cyber vulnerabilities in the Americas, this report is unique in that it incorporates the perspectives of OAS Member State governments and online threat data from Symantec’s comprehensive cyber threat monitoring network.

Download the complete report at: http://www.symantec.com/content/en/us/enterprise/other_resources/b-cyber-security-trends-report-lamc.pdf

Annex: 2013 in Numbers

This annex includes additional threat data specific to Latin America and the Caribbean.

From: http://www.symantec.com/page.jsp?id=cybersecurity-trend

Executive Summary

2013 was another important year for cybersecurity and cybercrime- related activities in Latin America and the Caribbean. The digital divide continued to shrink as the region again experienced some of the world’s highest rates of growth in connectivity. More users, more devices and systems, more networks, and more services all translated to more opportunities and benefits for more people.

But it also meant increased threats and vulnerabilities, more victims, and higher costs, financial and otherwise.

The governments of the region strove to keep pace with the evolving landscape, and achieved some notable advances at both the regional and national levels. At the regional level, despite persistent obstacles and complications, responsible national authorities including national Computer Security Incident Response Teams (CSIRTs, also commonly referred to as CERTs or CIRTs) and law enforcement agencies shared more information and cooperated at a technical level more actively than

ever before, often with positive results. For many countries cooperation in real-time in response to unfolding incidents or criminal activities became more commonplace, as well as more efficient and effective. Regional and international partners continued to play a key role in bringing officials together to build capacity, strengthen relationships, and share knowledge and experiences, as well as in providing tailored assistance to individual governments. And while initiatives to develop official regional standards have not borne fruit, there is no question that the bar has been raised in terms of what is expected of national authorities to secure the cyber domain.

Indeed, in 2013 many countries made important strides forward in developing their policy and legal frameworks and building their technical capacities. At least four governments, namely Guyana, Jamaica, Trinidad and Tobago, and Barbados, made significant headway in establishing or operationalizing a national cyber incident response team or capability. Other governments have initiated processes to do the same. While only one country in the Americas, Trinidad and Tobago, formally adopted a National Cyber Security Strategy, the OAS and partner institutions began working with three other countries towards the same end. Numerous laws were adopted during the course of the year, strengthening legal frameworks and enabling national authorities to better respond to, investigate, and prosecute nefarious cyber activities or crimes involving the use of ICTs.

Investments in training and capacity-building showed tangible results, as authorities responsible for incident management or the investigation of cybercrime responded more swiftly and effective- ly, mitigating the impacts of attacks and netting more perpetrators of crimes. Examples of this are highlighted in many of the individual country reports.

Recognizing that knowledge — of the risks that come with using ICTs, and how to minimize and mitigate those risks — is arguably the single most valuable tool that national authorities can develop and deploy to enhance cybersecurity and combat cybercrime, many countries stepped up their awareness raising activities in 2013. Innovative outreach efforts, awareness raising campaigns, and educational programs targeted the full range of stakeholders, including govern-

ment personnel; business, banks and other private enterprises; students; and the public at large. The partnership campaign STOP.THINK.CONNECT continued to gain traction in the Americas, and now includes five participating government authorities and other stakeholders throughout the region, with several other national authorities considering joining.

Despite the important advances, if the experience of 2013 demonstrated one most important thing, it is the need for all involved to double-down – on reforming laws and policies, building technical capacity, raising awareness, sharing information, and cooperating with other stake- holders.

A significant imbalance persists in terms of where States stand in their cyber-related development. Some have developed advanced and integrated technical and investigative capabilities, and have the requisite laws in place to utilize those capabilities to full effect. Others remain at or near the starting gate, grappling with the challenges inherent in determining what needs to be done, who needs to be involved, and how to best allocate limited financial human resources. The latter governments can benefit from the experience and expertise of their more advanced counterparts, and initiatives to encourage and facilitate this kind of horizontal cooperation and capacity-building must advance and increase. The OAS and other regional and international partners have a vital role to play here and must continue to tailor capacity building initiatives

to countries’ needs, exchange lessons learned and good practices in cybersecurity development, and continue to foster stronger partnerships for the benefit of states receiving assistance.

Even the most advanced countries in the region cannot afford to become complacent. Data provided by national authorities and collected by Symantec from the Americas and Caribbean clearly evidences significant increases in the volume of cybercrimes, attacks and other incidents in just about every country in the Hemisphere.

The most commonly reported incidents affecting individual users involved phishing, followed by misappropriation of a person’s identity for financial fraud or through social networks. The latter seems to track with the expansion of social networks and their communities of users, now found in every OAS Member State in ever-growing numbers, and is reflected in increased reporting of incidents involving defamation, threats, and cyberbullying. The growth in the use of electronic banking services has brought about a parallel increase in efforts to defraud both banks and their clients, and has caused tremendous – although greatly underreported – financial losses. Unauthorized access to systems and the information they contain is another significant threat area where authorities noted a rise in the number of incidents, particularly involving private companies and small and medium sized enterprises (SMEs). Increasingly, in such situations a ransomware such as Cryptolocker is used in an effort to extort money in order to restore files. Many authorities also reported increases in the number of denial of services attacks against both government and private web sites. Interestingly, however, numerous countries reported a decrease in web defacements and other acts of ‘hacktivism’, which may reflect government efforts to identify perpetrators of previous incidents.

On the whole, as the volume of illicit activity has increased and the tools and techniques have become more sophisticated, it has raised the pressure on government authorities to keep up. Personnel responsible for detection, response and investigation have struggled to remain up to date with the latest technologies and exploits, and to develop and maintain proficiencies in specialized areas like forensics, intrusion detection, and malware and vulnerability analysis, among others.

For all the attention rightfully given to more sophisticated cyber attacks and exploitations using malware and hacking techniques, it cannot be overlooked that the prevalence of ICTs in every aspect of our lives has also translated to their increased use in many traditional crimes, both those carried out by individuals as well as organized criminal groups. Child pornography and other forms of exploitation of children and minors remains the largest such area of such on-line criminal activity, despite a host of national and international initiatives seeking to deter it.

Trafficking in arms, drugs and persons is also facilitated by ICTs and the Internet. This has necessitated that law enforcement and judicial authorities acquire the ability to investigate and prosecute crimes in a cyber ecosystem that is ever more complex, through the use of digital forensics, the preservation of digital evidence, and the presentation of that evidence in court. Developing these capabilities, however, requires financial and human resources that few law enforcement agencies have in abundance, if at all.

Recent experience also confirms that governments cannot do the job of securing the cyber domain alone. As the owners and operators of most of the critical infrastructures and systems in the region, and the purveyors of most online services, private sector entities are equally responsible for strengthening cyber resilience and combating cybercrime. Govern- ment authorities and key private sector stakeholders must do more to dialogue and share info, build trust, and identify and realize opportunities for collaboration. Developing the relationships and mechanisms for info-sharing and cooperation between national authorities and companies based outside the region, for example in the US, presents an especially urgent challenge.

In citing recent motivations for stepped up cybersecurity-related efforts, numerous national authorities highlighted leaks of government information throughout the hemisphere as a catalyst for action. Broad sectors of society have recognized the role cybersecurity plays in ensuring that privacy and individual freedoms are adequately protected in a rapidly-evolving digital age. While it is to be expected that national authorities seek to secure their assets and information from potential exploitation by other governments, it is vital that such activities do not undermine or otherwise distract countries from working in a more collaborative and open way.

Taken on the whole, the trajectory of cybersecurity and cybercrime-related efforts on the part of governments throughout the Americas and Caribbean was positive in 2013. Important progress and advances were made, as governments took concrete steps to bolster their capacity to better secure their cyber domain and deter and punish acts of cybercrime. Much more remains to be done however, in light of the clear rise in activities by those who would do harm by exploiting vulnerabilities in the cyber domain, and the growing costs of such activities for all of us.