A Threat Intelligence Report from Check Point Research, presented in conjunction with Safe Solutions in the framework of the International Day of Information Security, in the last six months in Guatemala there were 6,000 316 attacks, 2,635 went to companies and 3,681 to the government.
As for companies, this number means 42%, being the most common target being the banking and finance sector.
Eli Faskha, CEO of Safe Solutions, commented that the financial sector, i.e. banking, cooperatives and all companies that have to do with money, receive an average of 3,800 cyberattacks per week.
In the opinion of Héctor Cabrera, secretary of the Technology and Innovation Guild of the Chamber of Industry of Guatemala (CIG), this number falls short because this is part of the current reality and according to his experience, most of the companies that were attacked have preferred not to recognize the attack, by reputation or because they manage information from third parties.
“The more information and the more money you have involved, the more juicy the dam,” Cabrera said, ensuring that in cybersecurity the attack is more advanced than who defends.
He said that cybersecurity is not an expensive team that is put on and solves all the problems, it’s not something that turns on and off.
But a number of layers of security where some are equipment, others are software, but many of them and the most important are policies that include staff education at all levels.
For if a collaborator who has access to the principal server with administrator privileges opens a suspicious email and clicks to a link that includes a malicious program source to hijack information, no matter how many layers of security you have in the company, or how powerful they are, cyber attackers will enter easily.
At this point Faskha agreed, as this practice is the engine of cyber attacks, in fact 92 per cent enter by emails.
Guatemala does not have a law on the prevention and protection against cybercrime, so cybercrimes are not criminalized. In this context and following a seminar held through the United States Embassy in Guatemala, led by two Guatemalan judges, former students of a diploma in cybersecurity issues from the William Perry Institute, and in which members of the Technology and Innovation Guild also participated, a committee was created.
This group arose from the very particular and profound disinformation and specific knowledge that it needs from specialists, however, he commented that those who can manage or advocate for legislative issues in Guatemala do not understand much about this particular issue.
The idea is to understand what the current status is and where to start. Little progress has been made because none of the members of the committee have political strength, he shared, indicating that it is a beginning with a small seed to push, in some way, the creation of legislation.
Meanwhile, Pablo Barrera, director of the Information Technology Outsourcing Commission (ITO) of the Guatemalan Association of Exporters (Agexport) indicated that the most important recommendation is to be proactive and non-reactive in terms of cybersecurity risks, in addition to:
He ais a victim of cyberattack and if it does not have or counts minimally with cybersecurity applications.
Ignacio Lejarraga, president of the Coordinating Committee of Agricultural, Commercial, Industrial and Financial Associations (CACIF), acknowledged that they were the victims of one of these attacks recently, which left them off the website for two days.
“In our case the portal is only informative, but we are aware of the importance that this issue has for our partners,” Lejarraga added, indicating that the issue of cybersecurity is very important for entrepreneurs in general, because of the obligation they have either legal or before society to continue offering their services. “In the case of banks, for example, it is absolutely momentous,” he said.
This article has been translated from the original which first appeared on Prensa Libre