TechTarget and Informa Tech’s Digital Business Combine. TechTarget and Informa TechTarget and Informa Tech’s Digital Business Combine. Together, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities. Dark Reading Resource Library Black Hat News Omdia Cybersecurity Advertise Newsletter Sign-Up Newsletter Sign-Up Cybersecurity Topics Related Topics Application Security Cybersecurity Careers Cloud Security Cyber Risk Cyberattacks & Data Breaches Cybersecurity Analytics Cybersecurity Operations Data Privacy Endpoint Security ICS/OT Security Identity & Access Mgmt Security Insider Threats IoT Mobile Security Perimeter Physical Security Remote Workforce Threat Intelligence Vulnerabilities & Threats Recent in Cybersecurity Topics Application Security Axios NPM Package Compromised in Precision Attack Axios NPM Package Compromised in Precision Attack by Alexander Culafi Mar 31, 2026 5 Min Read Sponsored Content The Future of Application Security: AI Bots, APIs & Identity Explained The Future of Application Security: AI Bots, APIs & Identity Explained by Terry Sweeney Mar 31, 2026 World Related Topics DR Global Middle East & Africa Asia Pacific Latin America Recent in World See All Application Security Real-Time Banking Trojan Strikes Brazil's Pix Users Real-Time Banking Trojan Strikes Brazil's Pix Users by Alexander Culafi Mar 13, 2026 4 Min Read Threat Intelligence Iran's Cyber-Kinetic War Doctrine Takes Shape Iran's Cyber-Kinetic War Doctrine Takes Shape by Alexander Culafi Mar 6, 2026 4 Min Read The Edge DR Technology Events Related Topics Upcoming Events Podcasts Webinars SEE ALL Resources Related Topics Resource Library Newsletters Podcasts Reports Videos Webinars White Papers Partner Perspectives Dark Reading Resource Library Cyber Risk Cybersecurity Operations Threat Intelligence Vulnerabilities & Threats News Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific Cyberattacks Intensify Pressure on Latin American Governments Cyber threats across Latin America are increasingly targeting government systems, from disruptive attacks in Puerto Rico to a surge of probes against Colombia’s health sector. Robert Lemos , Contributing Writer April 1, 2026 4 Min Read Source: HTGanzo via Shutterstock Government organizations in Latin America and the Caribbean are wrestling with a spate of attacks on critical agencies that far outpaces the rest of the world, including hits on a national health agency in Colombia, a potential compromise of Puerto Rico's transportation department, and AI-assisted hackers targeting Mexico's government en masse. Overall, organizations in Latin America suffered about 3,050 attacks per week in March, compared to a little more than 2,000 per week for the average global organization, according to data from Check Point Software Technologies . Government agencies are targeted even more often, with nearly 4,200 attacks per week, a thousand attacks more than the average across all industries, says Angel Salazar, security engineering manager for the Latin American region at Check Point. "Government networks usually have constant exposure: public services that must stay online, older systems that are hard to replace, and many users coming and going," he says. "All of this creates a continuous attack surface, not something occasional." Related: Middle East Conflict Highlights Cloud Resilience Gaps The month of March became a steady parade of breach news for the region. Early in the month, a group of hacktivists compromised at least nine government agencies in Mexico with the help of major AI systems, likely accessing more than 195 million identities and tax records. Colombia's health ministry, the Superintendencia Nacional de Salud (Supersalud), suffered more than 23 million cyberattacks and probes during the month, the agency stated in a March 27 notification , responding to allegations that its systems had been hacked. And last week, Puerto Rico's Department of Transportation halted issuing driver's licenses, following a cyberattack that was ultimately unsuccessful, the agency told media . Most often the attacks are perpetrated by financially motivated criminals, but nation-state espionage attacks and politically motivated hacktivism have both evolved as risks, says Camilo Gutierrez, field CISO for cybersecurity firm ESET's Argentina Country Office. "For the daily operation of a government organization in Latin America, the most probable risk is still criminal, but for strategic management, the state-related or hybrid activity is not something small anymore and should not be ignored," he says. Phishing Drives Stolen-Credential Surge Overall, Latin America has moved from being a secondary target for attackers to becoming one of the more heavily targeted regions globally — and government agencies are consistently near the top of the target list, says Tom Hegel, a distinguished threat researcher at SentinelOne, a cybersecurity platform provider. Related: Abu Dhabi Finance Week Exposed VIP Passport Details The region has to deal with a mature banking-trojan ecosystem , as well as information stealers, which have recently dominated, harvesting credentials to fuel initial-access broker services online, he tells Dark Reading. "The region has a massive exposed credential problem," Hegel says. "Billions of credentials are circulating through Telegram channels and Dark Web markets. Infostealers harvest them, initial-access brokers package and sell the access, and ransomware affiliates buy their way in." Email remains the main delivery channel for attacks, with about 82% of malicious files arriving in email, compared to a 56% rate globally, according to Check Point's Salazar. "In practice, attackers usually follow the same familiar paths," he says. "Phishing remains the main way attackers get in, which makes sense since email is still the most common way malicious content is delivered in the region." Yet, attackers are also taking advantage of exposed services and systems that support public services — and thus are connected to the Internet — because many of them are built on older platforms, he says. Attackers Are Mature, Defenders Less So Related: Surging Cyberattacks Boost Latin America to Riskiest Region Many government organizations have to deal with securing legacy technology, which creates difficult patching problems, says ESET's Gutierrez. Cyberattackers scan for unpatched and outdated software , and many local government agencies are making do with older systems that they have trouble keeping up to date, he says. In addition, many Latin American institutions lack skilled cybersecurity workers and the operational capabilities to maintain their IT infrastructure, Gutierrez says, pointing to a World Bank report that indicated a regional gap of about 350,000 cybersecurity professionals. "This is not just something abstract," he says. "Less specialized people means less hardening, less monitoring, and slower response times." Check Point's Salazar agrees that the public sector's problem is often "more structural than technical, with older systems, uneven patching, small security teams, and complex supplier relationships all increasing risk." Organizations should start by securing the most common entry point: email, he says. Next, regularly scanning the external attack surface area can find previously unknown vulnerable assets, helping the organization tighten its security. And since government agencies are custodians of citizen data, they should also prioritize efforts to reduce data exposure and minimize leakage, he says. "Government agencies in the region must maintain real-time visibility into what is exposed, understand what can truly be exploited, and prioritize remediation of the risks attackers are most likely to target," Salazar says. Read more about: DR Global Latin America About the Author Robert Lemos Contributing Writer Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends. See more from Robert Lemos Want more Dark Reading stories in your Google search results? Add Us Now More Insights Industry Reports Frost Radar™: Non-human Identity Solutions 2026 CISO AI Risk Report Cybersecurity Forecast 2026 The ROI of AI in Security ThreatLabz 2025 Ransomware Report Access More Research Webinars Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN AI-Powered Threat Detection: Beyond Traditional Security Models More Webinars Editor's Choice Cybersecurity Operations Why Stryker's Outage Is a Disaster Recovery Wake-Up Call Why Stryker's Outage Is a Disaster Recovery Wake-Up Call by Jai Vijayan Mar 12, 2026 5 Min Read Want more Dark Reading stories in your Google search results? 2026 Security Trends & Outlooks Threat Intelligence Cybersecurity Predictions for 2026: Navigating the Future of Digital Threats Jan 2, 2026 Cyber Risk Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult Jan 12, 2026 | 7 Min Read Endpoint Security CISOs Face a Tighter Insurance Market in 2026 Jan 5, 2026 | 7 Min Read Threat Intelligence 2026: The Year Agentic