Financial Crime World

Ecuador Grapples with Financial Crimes and Cybersecurity Threats

A Growing Concern in Latin America

Ecuador has emerged as one of the Latin American countries most vulnerable to cybercrime, particularly malware attacks. According to the Global Cybersecurity Index of the International Telecommunication Union (ITU), a United Nations agency, Ecuador ranks 119th out of 182 countries for vulnerability to cyberattacks.

Recent Attacks on Ecuador’s Financial Sector

In October 2021, Ecuador’s largest private bank, Banco Pichincha, suffered a major cyberattack that disrupted its operations and knocked out its ATM and online banking portal. This was not an isolated incident, as the bank had been hit by another cyberattack just months prior, which also affected Ecuador’s Ministry of Finance.

Strengthening Cybersecurity in Ecuador

In response to these threats, Ecuador has been seeking to strengthen its cybersecurity through a new policy that will integrate the government, private companies, academia, and civil society. The South American country has had a Cybersecurity Committee since 2017, which brings together the ministries of Defense, Security, Telecommunications, and Foreign Affairs, as well as the Strategic Intelligence Center (CIES).

“We work with the OAS [Organization of American States], the World Bank, the U.S. State Department, and CICTE [Inter-American Committee against Terrorism], to catch up,” said Telecommunications Minister Vianna Maino in an interview with Ecuadorian newspaper Primicias.

New Policy to Enhance Cybersecurity

The new policy, set to be implemented in 2023, will prioritize the protection of critical digital infrastructure and essential services while promoting cooperation between the public and private sectors. “It seeks to enhance the capacity to detect, foresee, manage, and prevent cyber incidents in Ecuador,” a news outlet reported.

Rise of Cybercrime in Latin America

With the arrival of the COVID-19 pandemic, cybercriminals took advantage of the situation to commit all kinds of criminal activities. Remote access attacks, theft of personal data, and malware distribution increased alarmingly, becoming a nightmare for many regional companies.

  • Ransomware attacks in Latin America increased by 25 percent in 2022 over the previous year, according to Forbes.
  • Costa Rica declared a national emergency following cyberattacks by Russian group Conti Ransomware that paralyzed the computer networks of multiple government agencies.
  • The U.S. State Department announced a $10 million reward for information on the Conti leadership.

Recent Cyber Attacks in Ecuador

Cyberattacks have also hit Ecuador in recent months, including:

  • BlackCat ransomware strain: On April 16, the Quito municipality’s IT infrastructure was hit by the BlackCat ransomware strain linked to Russia.
  • CIES attack: On March 10, the CIES’ computer platform suffered an attack, compromising the information processed by this institution, as well as the Police and Armed Forces’ intelligence subsystems.

The Economics of Ransomware Attacks

Cybercriminals have perfected their negotiation techniques with victims during the extortion process, in order to obtain the maximum possible payment for the information held for ransom. This payment is estimated to range from 0.7 percent to 5 percent of the victim’s annual income, providing huge profits for criminal gangs, and making ransomware attacks among the most lucrative type of cybercrime.

Ecuador’s Commitment to Cybersecurity

“We work on containing them, stopping them, and being alert,” said Ecuadorian Minister Maino. “How to recover information, that’s what we are going to work on.”