Statistics of Cyberattacks in Argentina

Argentina has a growing population of well-educated and tech-savvy individuals. However, despite the rate of Argentinians using the internet for personal and business purposes, the nation’s cybersecurity market is not mature. According to the International Trade Administration, Argentinian companies invested more than $108 million on cybersecurity in 2019 and the figure is expected to have risen this year. However, the country’s cybersecurity infrastructure is still a few years behind more advanced countries like the US, UK, and Brazil.

Although there’s some awareness about cybersecurity issues among Argentine society, cyber attacks continue to occur regularly. In addition, while some statistics exist to track the trend of cybercrime in Argentina, a vast majority of cases are unreported or not adequately documented. The same goes for cybercrime in Italy, and elsewhere in European nations.

Nonetheless, this article focuses on the existing facts and statistics on Argentina’s cybersecurity over the years so you can understand how it affects people and businesses in 2022 and the coming years.

Rise of Cybercrime in Argentina

According to Statista, there were more than 1500 reported cases of cybercrimes in Argentina in 2020. Furthermore, this figure was a 60 percent increase from the 971 cases that were recorded in 2019. Out of the total cases recorded in 2020, 264 were phishing attacks, and 262 were related to extortion. This report indicates that online crimes in the country are becoming more frequent than they used to be in the past, and by the end of 2022, we may record higher figures.

Prior to 2008, there weren’t specific laws in Argentina to curb cybercrime. Thanks to the lack of regulations and policies, cybercriminals in Argentina thrived unchecked because their activities weren’t categorized as criminal. However, that all changed in 2008 when the government adopted the Cybercrime law. Although the Cybercrime Law is a step in the right direction, it does not encompass all the illicit acts committed online.

According to the United States Department of Commerce, the top cyber challenges that exist in Argentina are malware or cybercrime/espionage (40%), and security risks from social networks (30%), IoT, or BYOD (16%), and Big Data (49%).

Cybersecurity in Latin America

The rate of cyberattacks in Latin America is quite profound. In the first six months of 2020, there were approximately 39 million human-initiated cyberattacks from the Latin America region alone. This rate of attacks was significantly higher than the global average.

In 2020, Argentina was one of the top five countries (including Mexico and Brazil) with the highest percentage of computer internet users in Latin America. Furthermore, the country also ranked top among countries with the highest figures of mobile devices affected by malware.

The Most Common Cyberattacks in Argentina

Over the years, cybercriminals have continued to carry out attacks in Argentina. These bad actors use various means of attack to target individuals and organizations. Unfortunately, some of these criminal activities are still not punishable offenses. However, here are some of the most effective cyberattacks common in Argentina:

Malware

Malware refers to any form of malicious software designed to interfere with how a system functions. It gives cybercriminals the ability to infiltrate, control or monitor a device as they want. This is one of the easiest tools hackers in Argentina use because many users cannot detect suspicious apps or files containing malware.

According to research by Statista, 9% of Argentinian mobile users who used Kaspersky Lab’s mobile security software were attacked by malware in the second quarter of 2021. Seeing as 98% of malware are designed to target Android devices, it’s not all too surprising. Also, 92% of malware is sent out to targets via emails.

Furthermore, although cybersecurity in Argentina may improve to deal with issues like malware more effectively, statistics indicate that 18 million websites are infected with malware weekly.

Phishing

Phishing is one of the most common forms of cyberattack in Argentina. It is pretty elaborate and has a high rate of success. Phishing is a kind of social engineering attack. Criminals use social engineering attacks to trick users into giving up sensitive information by pretending to be a trusted friend or a family member.

There are different methods of phishing attacks, but the most common is email phishing. Email phishing scams involve a cybercriminal pretending to be someone known to the target and sending an email. This email usually contains a file or a link. Once the target downloads the file in the email or clicks the link, the bad actor gains access to the person’s device.

Phishing isn’t just prevalent in Argentina alone. In 2020, it was reported that phishing attacks are the most prevalent cause of data breaches worldwide. These attacks target individuals and businesses. According to GDS (Global Data Systems), phishing attacks are responsible for more than 93 percent of business data breaches.

Argentines need to be cautious of responding to emails that prompt them to download suspicious files or click on links. Since the COVID-19 pandemic up till now, the common tactic employed by hackers is to pretend they are health officials, or a body offering some sort of care package.

Major Data Breaches in Argentina

A lot of cases of cyberattacks go unreported in Argentina which is one of the reasons there’s currently little data from 2022. Sometimes, these cyberattacks are not reported early. However, the reality remains that there are malicious characters online, and innocent, unsuspecting Argentines and businesses suffer at their hands. Some of the most significant cyberattack cases in Argentina in recent years include:

RENAPER

In October 2021, it was widely reported that a hacker had breached an Argentinian government agency’s network and stolen the complete ID card details of the country’s entire population. Later on, the hacker started to advertise the sale of the stolen data on social platforms.

The data breach occurred in September, and the target was Argentina’s Registro Nacional de las Personas (RENAPER), which translates to “National Registry of Persons.” RENAPER is an integral part of the country’s Interior Ministry. It is responsible for issuing national ID cards to all Argentines. In addition, RENAPER stores the data of every citizen on a digital database that other agencies can access.

The first sign that a data breach occurred was when a newly registered Twitter account ‘@AnibalLeaks) posted ID card photos and personal details of 44 Argentinian celebrities, including soccer stars Lionel Messi and Sergio Aguero, and even data for the Argentinian President, Alberto Fernandez. After publishing the details on Twitter, the hacker went on to post an ad on a popular hacking forum, offering to disclose the personal information of any Argentinian user for a fee.

It took three days for the government to confirm the data breach. Then, finally, the government issued a statement clarifying that although the hacker had compromised a legitimate user account to infiltrate the database, they had, in fact, not hacked it by exploiting a vulnerability.

Telecom Argentina

On July 18, 2020, one of Argentina’s major telecom providers, Telecom Argentina, disclosed that it had been a victim of a ransomware attack. It was reported that the attackers had used phishing emails to target Telecom Argentina’s employees to steal their login credentials.

The attack allowed the hackers to encrypt about 18,000 Telecom Argentina workstations. In addition, the perpetrators requested a ransom of almost $7.5 million from the telecom giant. They threatened to raise the amount to $15 million if the company failed to pay within three days.

Fortunately, Telecom’s IT staff was able to contain the ransomware. However, in the wake of the attack, the company advised its workers to avoid using its internal VPN network, opening mails with archive files attached, and limiting their social interaction on the corporate network. Although the REvil ransomware gang were the initial suspects, the attack mode did not match the gang’s tactics. So, no suspect was pointed out for carrying out the attack.

National Directorate of Migration

Hackers targeted Argentina’s National Directorate of Migration, and the incident caused a temporary shutdown of the country’s borders. The agency published an official statement on Twitter on August 28, 2020, saying that it had suffered a cyberattack, which affected some of the National Directorate of Migration’s functions, such as border control.

According to the agency, the attack significantly affected the Integrated Migration Capture System (SICaM), which Argentina uses for international crossings. As a result, the incident disrupted entries and exits in and out of the country. However, the National Directorate of Migration stated that the cyberattack didn’t affect its critical infrastructure and that hackers couldn’t access the sensitive data it handles.

Furthermore, several local media outlets in Argentina claimed that Netwalker ransomware hackers were responsible for the attack. They demanded Bitcoins worth millions of dollars in exchange for the stolen information. One major Argentine newspaper El Tribuno reported that the hackers sent warning messages to government officials to discourage them from recovering the stolen files without a decryptor program.

The group of hackers published some of the agency’s data online to prove they were responsible. They also allegedly demanded $2 million worth of Bitcoin as a ransom payment, but it later increased to $4 million. However, the National Directorate of Migration never disclosed the exact data that was stolen or whether it managed to retrieve the information.

Conclusion

There is no doubt that the rate of cyberattacks in Argentina has continued to rise over the years. Unfortunately, between phishing attacks, malware, and ransomware, individuals and organizations continue to fall victim, and there’s no sign of these threats going away in the nearest future. However, the best move is to invest in cybersecurity infrastructure and awareness. The Internet has already evolved so much in 2022, and who knows what else may come after. So, it’s best to stay updated as well.