TechTarget and Informa Tech’s Digital Business Combine. Dark Reading Resource Library Black Hat News Omdia Cybersecurity Advertise NEWSLETTER SIGN-UP Cybersecurity Topics World The Edge DR Technology Events Resources THREAT INTELLIGENCE CYBERSECURITY OPERATIONS CYBER RISK CYBERSECURITY ANALYTICS NEWS Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific LatAm Now Faces 2x More Cyberattacks Than US Much of Central and South America struggles with cybersecurity maturity, and hackers are taking advantage. Nate Nelson,Contributing Writer March 5, 2026 4 Min Read SOURCE: ADINA TOVY/ART DIRECTORS VIA ALAMY STOCK PHOTO Nowhere in the world has cyber threat activity been growing faster than in Latin America, thanks in part to relatively rapid digital adoption on the part of businesses in the region, combined with relatively stagnant cybersecurity growth. Last year, researchers at Check Point tracked a 53% year-over-year rise in weekly cyberattacks in Latin America, and as of 2026, they confirmed it to be the most heavily targeted region on the planet. In an updated, unpublished March 2026 threat report shared with Dark Reading, Check Point found that Latin American organizations currently face an average of around 3,100 cyber threats per week. By comparison, in recent months, their counterparts in the United States have averaged just under 1,500. The difference isn't only in volume, either. In some respects, the nature of cyberattacks in each region differ significantly, right down to the smallest details: where they come from, what form they come in, etc. Related:Indian APT 'Sloppy Lemming' Targets Defense, Critical Infrastructure North & Central/South American Cyberattacks Diverge Certain categories of cyberattack are just more common in Latin America, be they ransomware hits (accounting for 5.4% of attacks last month versus 3.1% in the US) or those involving infostealers (5.3% vs. 2.1%), banking malware (2.8% vs. 0.8%) or botnets (13.1% vs. 7.2%). In contrast, certain file types, like Microsoft Excel spreadsheets (XLS, XLAM) show up more often in enterprise-focused US attacks, but hardly register down south. LOADING... Most notable amongst all of Check Point's recent data, though, is a disparity in how attacks are first initiated. A stunning 95% of malicious files in the US last month were delivered via the Web — compromised websites, drive-by downloads, malvertising, etc. By contrast, that number was just 26% in Latin America, with email making up the other 74%. "Phishing campaigns continue to be extremely effective in the [Latin America] region, particularly those impersonating financial institutions, payment notifications, invoices, travel confirmations, or government communications," says Julio Lemus, security engineer and office of the CTO at Check Point. "This could be due to a lack of cyber-awareness by average businesses and consumers." Threat actors also take interest in different sectors, depending on whether they're attacking countries in North or South America. For instance, healthcare was the ninth most victimized US sector in Check Point's data last month. For multiple months in a row it has topped the Latin American list, and in February it was targeted around 28% more than the next most targeted sector (education). The financial services industry, which didn't make Check Point's Top 10 in the US, ranked as the sixth most targeted in Latin America. Related:As War Continues, Pro-Iranian Actors Launch Barrage of Cyberattacks Why Hackers Pick on Latin America In its 2025 Cybersecurity Report, the Organization of American States (OAS) and Inter-American Development Bank (IDB) assessed the overall cybersecurity maturity of countries across Latin America and the Caribbean. They used the OAS and Oxford University's Cybersecurity Capacity Maturity Model for Nations (CMM) which, though rather complex, can vaguely score countries on a scale from zero to five, with five representing world-leading cybersecurity maturity, and zero representing total immaturity. The results of the analysis were unimpressive. "The security level of maturity for most of the countries were scored between 2 and 3," recalls Carlos Borges, senior intel analyst with Intel471. Borges, who's from Brazil, thinks that "We do have many big companies, particularly in the financial industry, that have good resources to protect themselves. But if you look at how it is in general, most companies of medium-size and low-size are still fragile, and of course they are susceptible to more opportunistic actors." Related:Iran's MuddyWater Targets Orgs With Fresh Malware as Tensions Mount Even some of those larger organizations underwhelm, though. Borges points to the high-profile supply chain incident at Brazilian fintech provider C&M Software last July as a case-in-point. "They had an insider that worked with a cybercrime group. [They] stole funds from the customers of this company, and it reached hundreds of millions of dollars from the core financial system in Brazil, operated by the Brazilian Central Bank. Two months later, the same company was also breached by the Dragonforce ransomware group. That speaks a little to how even those companies that are particularly involved with more resourceful industries are still susceptible." Check Point's Lemus also attributes the disparity between Latin America and the rest of the world to differing maturity levels, but also cites a variety of other economic and technological factors. For example, he says, "many organizations in the region operate with mixed IT environments and uneven security investments, which creates opportunities for attackers looking for easier entry points." Another factor, he adds, "is that cybercriminal groups increasingly view Latin America as a high-return region for fraud and extortion, where attacks can still succeed with relatively simple techniques such as phishing or credential theft. As a result, attackers often scale campaigns across multiple organizations simultaneously, which contributes to the higher weekly attack averages." Read more about: DR Global Latin America About the Author Nate Nelson Contributing Writer Nate Nelson is a journalist and scriptwriter. He writes for "Darknet Diaries" — the most popular podcast in cybersecurity — and co-created the former Top 20 tech podcast "Malicious Life." Before joining Dark Reading, he was a reporter at Threatpost. More Insights Industry Reports ThreatLabz 2025 Ransomware Report The Total Economic Impact™ Of Zscaler Private Access (ZPA) Zscaler ThreatLabz 2025 VPN Risk Report GigaOm Radar for CNAPP The Total Economic Impact™ of Google SecOps Access More Research Webinars Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN AI-Powered Threat Detection: Beyond Traditional Security Models More Webinars You May Also Like THREAT INTELLIGENCE CISA: Pro-Russia Hacktivists Target US Critical Infrastructure by Elizabeth Montalbano, Contributing Writer DEC 10, 2025 THREAT INTELLIGENCE How Malware Authors Are Incorporating LLMs to Evade Detection by Robert Lemos, Contributing Writer NOV 26, 2025 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 THREAT INTELLIGENCE Trump Targets Krebs, Revokes SentinelOne Security Clearance by Kristina Beek, Associate Editor, Dark Reading APR 10, 2025 Editor's Choice THREAT INTELLIGENCE As War Continues, Pro-Iranian Actors Launch Barrage of Cyberattacks byElizabeth Montalbano MAR 3, 2026 6 MIN READ ICS/OT SECURITY Vehicle Tire Pressure Sensors Enable Silent Tracking byJai Vijayan MAR 3, 2026 3 MIN READ СLOUD SECURITY AI Agent Overload: How to Solve the Workload Identity Crisis byAlexander Culafi MAR 3, 2026 4 MIN READ 2026 Security Trends & Outlooks THREAT INTELLIGENCE Cybersecurity Predictions for 2026: Navigating the Future of Digital Threats JAN 2, 2026 CYBER RISK Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult JAN 12, 2026 ENDPOINT SECURITY CISOs Face a Tighter Insurance Market in 2026 JAN 5, 2026 THREAT INTELLIGENCE 2026: The Year Agentic AI Becomes the Attack-Surface Poster Child JAN 30, 2026 Download the Collection Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. SUBSCRIBE Webinars Building a Robust SOC in a Post-AI World THURS, MARCH 19, 2026 AT 1PM EST Retail Security: Protecting Customer Data and Payment Systems THURS, APRIL 2, 2026 AT 1PM EST Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need WED, APRIL 1, 2026 AT 1PM EST Securing Remote and Hybrid Work Forecast: Beyond the VPN TUES, MARCH 10, 2026 AT 1PM EST AI-Powered Threat Detection: Beyond Traditional Security Models WED, MARCH 25, 2026 AT 1PM EST More Webinars White Papers Industry Report: AI, SOC, and Modernizing Cybersecurity The Threat Prevention Buyer's Guide: Find the best AI-driven threat protection solution to stop file-based attacks. Assessing Security Architectures: Zero Trust vs. Network-Centric Models 5 Steps to Stop Ransomware With Zero Trust 10 Ways a Zero Trust Architecture Protects Against Ransomware Explore More White Papers GISEC GLOBAL 2026 GISEC GLOBAL is the most influential and the largest cybersecurity gathering in the Middle East & Africa, uniting global CISOs, government leaders, technology buyers, and ethical hackers for three power-packed days of innovation, strategy, and live cyber drills. 📌 BOOK YOUR SPACE Discover More Black Hat Omdia Working With Us About Us Advertise Reprints Join Us NEWSLETTER SIGN-UP Follow Us Copyright © 2026 TechTarget, Inc. d/b/a Informa TechTarget. This website is owned