Cybercrime Group Targets Peru’s Intelligence Agency, Threatens to Release Sensitive Data
Russian Cybercrime Group Conti Infiltrates Peruvian Intelligence Agency
A recent wave of ransomware attacks has hit Latin American governments, with a Russian cybercrime group known as Conti infiltrating the computer systems of Peru’s national intelligence agency. On April 27, Conti announced that it had hacked the website of Peru’s National Directorate of Intelligence and threatened to publish stolen sensitive data unless the government paid a ransom.
Background on Conti
Conti is considered one of the largest ransomware gangs in the world, specializing in “big game hunting” by targeting high-value institutions for greater payouts and notoriety. In 2021, the group carried out over 500 ransomware attacks, according to cybersecurity news outlet SC Media.
Escalation of Cyberattacks on Latin American Governments
The escalation of cyberattacks on Latin American governments has become increasingly apparent in recent years, with institutions lacking the resources or capabilities to defend their critical digital infrastructure. Costa Rica and Peru are just the latest targets in a region where countries have struggled to keep pace with the rapidly evolving threat landscape.
Recent Attacks on Latin American Governments
- In December 2021, Brazil’s Ministry of Health was hacked by the cybercrime gang Lapsus$, which compromised platforms tracking COVID-19 vaccinations.
- Brazil has also suffered 13 separate cyberattacks on its court system in the past 18 months.
- Argentina’s National Registry of Persons (RENAPER) was allegedly infiltrated in October, resulting in the theft of information on the country’s entire population of 44 million.
- Chile’s customs agency in Valparaíso was similarly compromised by the ransomware group Prometheus, which specializes in targeting Latin American institutions.
Digital Vulnerabilities in Latin America
According to digital threat protection platform AdvIntel, a lack of technical expertise and of cybercrime legislation is at the root of Latin America’s digital vulnerabilities. An Inter-American Development Bank report supports this conclusion, noting that just 12 of the 33 countries in the region had an approved national cybersecurity strategy as of January 2020.
Expert Insights
Cybersecurity expert Steph Shample explained to InSight Crime that Conti is extremely well-organized and careful in selecting targets from which to steal troves of sensitive data. The group uses malware like Trickbot and Emotet for initial access, and defending against such attacks is complicated by human error.
“It only takes one vulnerability, and then everything is out there,” Shample said.