TechTarget and Informa Tech’s Digital Business Combine. Dark Reading Resource Library Black Hat News Omdia Cybersecurity Advertise NEWSLETTER SIGN-UP Cybersecurity Topics World The Edge DR Technology Events Resources THREAT INTELLIGENCE CYBER RISK CYBERSECURITY OPERATIONS CYBERATTACKS & DATA BREACHES NEWS Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific Latin America's Cyber Maturity Lags Threat Landscape The slower pace of upgrades has the unintended impact of creating a haven for attackers, especially for initial access brokers and ransomware gangs. Alexander Culafi,Senior News Writer, Dark Reading February 20, 2026 4 Min Read SOURCE: IVAN TSYRKUNOVICH VIA ALAMY STOCK PHOTO Although Latin American countries have made major strides toward cybersecurity maturity, sluggish progress and an aggressive cybercrime ecosystem present challenges ahead for the region. Intel 471 this week published a report detailing Latin America's cyber threat landscape, synthesizing data collected during 2025. Broadly speaking, the report references increasing security maturity for the region — citing a December 2025 report from the Organization of American States (OAS) attesting to this — while observing an increasingly hostile threat landscape. For example, Intel 471 reported more than 450 ransomware breach events in the region last year, marking a 78% increase over 2024. Furthermore, researchers tracked more than 200 initial access brokers targeting Latin American entities, multiple advanced persistent APT clusters around the world, and at least 119 hacktivist groups in 15 countries across the region. Related:Asia Fumbles With Throttling Back Telnet Traffic in Region LOADING... The OAS report cited increasingly complex digital threats in the region, as well as a wide variance in security posture that's echoed in Intel 471's findings. Member states vary in areas such as software assurance, critical infrastructure protection, and cyber insurance adoption. "Despite growing awareness of cyber risk, structural challenges persist across the region, including limited cross-sector collaboration, shortages of skilled cybersecurity professionals, and inconsistent budget allocation," the report read. "These constraints continue to impede the development of sustainable cybersecurity maturity. As governments and critical sectors further integrate digital services and infrastructure, cybersecurity has transitioned from a technical concern to a strategic priority for Latin America." Latin America's Intensifying Threat Landscape LOADING... Although the threat landscape is always heating up in one way or another, Intel 471 said Latin America "has recorded the fastest global growth in disclosed cyber incidents, with reported activity increasing at an average annual rate of about 25% over the past decade." The first quarter of 2025 alone saw a 108% year-over-year increase. Latin American organizations face 2,640 cyberattacks per week, on average, compared to the global average of 1,955. "This escalation is largely attributed to rapid digitalization, persistent security gaps in cloud environments, and the increasing use of artificial intelligence (AI) to scale, automate, and enhance cyberattacks," the report read. The region saw some particularly devastating cyberattacks. In June, Brazil financial technology provider C&M Software was compromised in an attack originating from insider access credentials. Exploitation of its systems resulted in the diversion of 800 million Brazilian reals (approximately $148 million) from eight financial institutions. The DragonForce ransomware group claimed another attack against C&M later in the year. This was reportedly the largest ever cyberattack against Brazil's financial system. Related:Sprawling 'Operation Sentinel' Neutralizes African Cybercrime Syndicates Also in June, the Brigada Cyber PMC data extortion threat group "claimed to have stolen more than 7 million records containing personally identifiable information (PII) of Paraguayan citizens from three Paraguayan government systems." Attackers demanded a ransom of approximately $7.4 million, which researchers observed was $1 for each of the country's citizens. Brazil was the most targeted country in multiple categories highlighted in Intel 471's report, which makes sense, as it is, by far, the most populated country in Latin America. Brazilian entities accounted for 30% of ransomware and extortion attacks tracked in the report, followed by Mexico at 14% and Argentina at 13%. The most targeted sectors were consumer and industrial products; followed by energy, natural resources, and agriculture; and professional services and consulting. Related:LongNosedGoblin Caught Snooping on Asian Governments Broadly speaking, social engineering primarily enabled financial fraud in the region last year, with email and SMS phishing the most common mechanisms. Fraudulent call centers were also widespread, "redirecting victims to resolve fabricated e-commerce transactions, payment disputes, or alleged delivery issues." Instant messaging platforms like WhatsApp were also commonly used to impersonate financial institutions, logistics firms, and contacts. An Uncertain Cyber Future for Latin American Member States Intel 471 summarized its report by saying the territory's rapid digitalization outpaces its security maturity. "As a result, the region has evolved into not only a high-value target, but increasingly also a central hub for cybercriminal activity, with reported incident volumes and attack frequencies exceeding global averages across multiple open source datasets," researchers said. Moreover, as a hub for cybercrime, attackers have begun to scale schemes tailored for local organizations and reuse them against North America and Europe. This reflects increasing maturity for its cybercriminal ecosystem, Intel 471 said, and limited disruption efforts mean there are banking Trojans that have been operational for more than a decade. In the short term, the researchers' broad assessment was not optimistic. "Looking ahead, we assess that meaningful risk reduction is unlikely in the near term," Intel 471 said. "The development, harmonization, and enforcement of national cybersecurity policies and legislation remain slow-moving processes, while cybercriminal innovation continues at a faster pace — especially in the era of AI," the researchers wrote. "Absent significant improvements in regulatory enforcement, public-private cooperation and regional information sharing, Latin America is likely to remain both a primary operating environment and an export hub for financially motivated cybercrime over the coming years." Read more about: DR Global Latin America About the Author Alexander Culafi Senior News Writer, Dark Reading Alex is an award-winning writer, journalist, and podcast host based in Boston. After cutting his teeth writing for independent gaming publications as a teenager, he graduated from Emerson College in 2016 with a Bachelor of Science in journalism. He has previously been published on VentureFizz, Search Security, Nintendo World Report, and elsewhere. In his spare time, Alex hosts the weekly Nintendo podcast Talk Nintendo Podcast and works on personal writing projects, including two previously self-published science fiction novels. More Insights Industry Reports ThreatLabz 2025 Ransomware Report The Total Economic Impact™ Of Zscaler Private Access (ZPA) Zscaler ThreatLabz 2025 VPN Risk Report GigaOm Radar for CNAPP The Total Economic Impact™ of Google SecOps Access More Research Webinars Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN AI-Powered Threat Detection: Beyond Traditional Security Models More Webinars You May Also Like THREAT INTELLIGENCE 'Darcula' Phishing Kit Can Now Impersonate Any Brand by Nate Nelson, Contributing Writer FEB 20, 2025 THREAT INTELLIGENCE MITRE EMB3D for OT & ICS Threat Modeling Takes Flight by Robert Lemos, Contributing Writer MAR 07, 2025 THREAT INTELLIGENCE React2Shell Exploits Flood the Internet as Attacks Continue by Rob Wright DEC 12, 2025 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 Editor's Choice ENDPOINT SECURITY Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy — Again byNate Nelson FEB 12, 2026 6 MIN READ CYBER RISK Those 'Summarize With AI' Buttons May Be Lying to You byJai Vijayan FEB 12, 2026 5 MIN READ CYBERATTACKS & DATA BREACHES Senegalese Data Breaches Expose Lack of Security Maturity byNate Nelson FEB 12, 2026 5 MIN READ 2026 Security Trends & Outlooks THREAT INTELLIGENCE Cybersecurity Predictions for 2026: Navigating the Future of Digital Threats JAN 2, 2026 CYBER RISK Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult JAN 12, 2026 ENDPOINT SECURITY CISOs Face a Tighter Insurance Market in 2026 JAN 5, 2026 THREAT INTELLIGENCE 2026: The Year Agentic AI Becomes the Attack-Surface Poster Child JAN 30, 2026 Download the Collection Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. SUBSCRIBE Webinars Building a Robust SOC in a Post-AI World THURS, MARCH 19, 2026 AT 1PM EST Retail Security: Protecting Customer Data and Payment Systems THURS, APRIL 2, 2026 AT 1PM EST Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need WED, APRIL 1, 2026 AT 1PM EST Securing Remote and Hybrid Work Forecast: Beyond the VPN TUES, MARCH 10, 2026 AT 1PM EST AI-Powered Threat Detection: Beyond Traditional Security Models WED, MARCH 25, 2026 AT 1PM EST More Webinars White Papers The Threat Prevention Buyer's Guide: Find the