Global dislocation caused by the coronavirus pandemic has led to a substantial uptick in attempted cyberattacks, increasing concerns for financial institutions in Latin America, which have been among the most susceptible to such assaults.
Major banks in Latin America already are seeing a sharp increase in phishing and other related attacks, according to the region's banking association.
"Expect more attacks," Ofer Israeli, CEO of Tel Aviv-based security company Illusive Networks, said in an emailed response to questions. Most IT departments are now "strained and distracted" with the load of employees working from home, Israeli said, which "opens up new risks and the potential attack surface expands. ... More remote employees means more potential for human error."
What is more, some banks have been relaxing security standards to maintain business continuity. "We've seen banks authorizing transfers via email," Sebastian Stranieri, CEO of Argentina-based VU Security, told S&P Global Market Intelligence. "That entails a lot of risks. Even after you assume that the person's email is actually the real one."
The newest threats stemming from the pandemic add pressure to bank security systems in Latin America that have long been considered vulnerable. In 2018, hackers stole about $10 million after launching a malware attack that shut down much of Banco de Chile's network. That same year, cyber criminals targeted Banco de México's interbank payment system to siphon between 300 million and 400 million Mexican pesos, compromising at least five financial institutions as a result.
"We are increasingly seeing attacks come from other regions and target Latin America first due to its unique vulnerabilities," Israeli said.
Earlier attacks, along with numerous others in recent years, have spurred LatAm banks to strengthen their defenses. Most have increased their tech and software purchases, expanded their cybersecurity teams and deployed additional layers of security. However, these efforts are yet to be tested in the unique circumstances presented by the current pandemic, with a spike in the demand from both employees working remotely and customers seeking digital services.
The banking industry "was in some way prepared for something like this, whether it be a pandemic or a technology incident," Ghassan Dreibi, cybersecurity operations director at Cisco Brasil, said in an interview. "But it never imagined it would have to deal with this level of [remote-working] needs."
In Brazil for instance, the top five banks employ about 500,000 people, the majority of whom are now working remotely. At Banco Santander (Brasil) SA, which employs 55,000 people, "practically everybody" is working remotely, a spokesperson said. Others, such as Itaú Unibanco Holding SA, Banco Bradesco SA and Banco do Brasil SA, are in similar situations.
"Times like these are ideal for those who want to commit banking fraud," Banco Patagonia SA, a subsidiary of state-controlled Banco do Brasil, said in a note. Most see their remote employees, who now have to access company information from beyond the banks' internal firewall protections and monitoring, as one of their biggest threats to security.
"That is why prevention has become so relevant," Daniel Juvinao, a director with Felaban, told S&P Global Market Intelligence, noting that most institutions have promoted threat awareness among customers and staff. Felaban also has set up a collaborative site for Latin American banks to share incident experiences.
"Sophisticated cyber criminals will target the most vulnerable bank or that that provides the highest return on investment, independent of the country it operates in," Juvinao said.