A recent report put out by the Organization of American States (OAS), which was compiled with the assistance of security firm Trend Micro, confirms International Data Corporation’s (IDC’s) finding that Latin American CIO’s have put security at the top of their priority list.
The report says that governments across Latin America have been seeing an increase in cyber attack activity. Mexican authorities reported a dramatic spike in hacktivist attacks, which contributed significantly to the 40% increase in the number of cyber incidents. However, Chile and Colombia represented bright spots: Chile’s Federal Police report that the number of reported cyber incidents decreased by 33% last year, with Internet-based wire fraud down 122%; and Colombia’s decline was attributed partly to the capture of the notorious and prolific cybercriminal Jorge Maximilian “Pacho” Viola.
Poor public awareness of IT security issues remains a challenge in Latin America. File infectors were the most common type of malware, with big risk areas being unpatched operating systems and applications, as well as insufficiently secured removable storage devices.
The ongoing IT security challenges in Latin America should be seen in the context of some global success: worldwide spam volumes have been on the decline since 2011, when law enforcement scored major successes with botnet and spam-related takedowns. In Latin America the top spam sending countries were Mexico, Argentina and Colombia, with malicious website hosting still a serious problem.
One area of growing concern is online banking theft, which has been widely reported, with Latin America notable for its emphasis on free hosted services. This is being enabled by custom designed crimeware kits. One example, Pice Bot – which was developed in Latin America and is used to steal financial information – was introduced in December 2012 and sells for $120.
Overall, cybercriminals in Latin America are most interested in government departments, financial intuitions, and energy agencies. Beyond inexpensive crimeware kits like Pice bot, attacks on industrial control systems were a serious concern. And, despite the spike in political hacktivism in Mexico during the July, 2012, presidential election, the motivation for cybercrime was mostly financial reward.
In offering a 28 day “snapshot”, Trend Micro reported 39 attacks from 14 countries in Latin America and the Caribbean. Twelve of the attacks were considered unique and targeted, though 13 were repeat attacks by the same people over a period of several days.
Not surprisingly, enterprises in Latin America are responding by upping their investment in IT security. Ricardo Villate, IDC’s newly-appointed leader for LatAm, recently presented crucial context for the relevance of security when he stated that “Latin America is the fastest growing IT market in the world, expected to grow at 2.4 times the global average in 2013.”
IDC has previously reported that global enterprise software growth will be driven by Big Data and cloud, but these represent larger technological phenomena and, in and of themselves, must be broken down further within a software taxonomy to see where businesses are focussing. Looking at last year’s global 3.6% year-over-year growth, with a total market size of $342 billion, IDC reports that security is a key focus area, growing at between 6% and 7%.
Clearly, those IT companies with a heavy security message will do well in this market. There can be a strong argument with cloud-based delivery models, given that patches and application support can happen in a centralized fashion. In Latin America, the leading enterprise software companies are doing well at addressing market concerns: Microsoft and SAP each gained almost a half point of market share over this past year. Microsoft held on as the dominant leader in system infrastructure software, with 28% market share. Overall, in Latin America, enterprise software growth is at 5.6%,which tracks closely to the United States’ 5.9% year-over-year growth.