Even though Latin American nations have made significant progress toward cybersecurity maturity, the region still faces obstacles due to slow development and a hostile cybercrime ecosystem This article explores cybercrime according intel. . This week, Intel 471 released a report that summarizes the cyber threat landscape in Latin America by combining data gathered in 2025.

In general, the report notes the region's growing security maturity, citing an Organization of American States (OAS) report from December 2025 attesting to this, while noting an increasingly hostile threat landscape. Last year, for instance, Intel 471 reported over 450 ransomware breach events in the region, which is a 78% increase compared to 2024.

Additionally, the researchers monitored at least 119 hacktivist groups in 15 countries throughout the region, more than 200 initial access brokers targeting Latin American entities, and multiple advanced persistent APT clusters worldwide. There were also many fraudulent call centers that "directed victims to resolve alleged delivery issues, payment disputes, or fictitious e-commerce transactions."" Additionally, financial institutions, logistics companies, and contacts were frequently impersonated using instant messaging services like WhatsApp.

Latin American Member States Face an Uncertain Cyber Future The territory's rapid digitization surpasses its security maturity, according to Intel 471's summary of its report.

According to researchers, "the region has evolved into not only a high-value target, but increasingly also a central hub for cybercriminal activity, with reported incident volumes and attack frequencies exceeding global averages across multiple open source datasets." Attackers have also started scaling schemes designed for local organizations and reusing them against North America and Europe, using the region as a hub for cybercrime. According to Intel 471, this indicates that its cybercriminal ecosystem is becoming more mature, and there are banking Trojans that have been active for more than ten years due to insufficient disruption efforts.