Under the dazzling lights of Las Vegas, Check Point unveiled its forward-thinking strategy for safeguarding our interconnected world at CPX 2025, its flagship annual cyber security conference. The event drew thousands of participants from the United States, Canada, and Latin America. As the last of three global regional conferences, CPX Americas showcases the rising cyber threats in LATAM, where attacks have surged at an unprecedented pace. Organizations in this region are now facing an average of 2,569 attacks per week, nearly 40% higher than the global average of 1,848 attacks per organization. As cyber criminals adopt more advanced methods, Latin America is becoming a crucial front in the worldwide battle against cyber threats.
A Growing Threat Landscape: Latin America Under Fire
Latin America is experiencing a surge in cyber attacks driven by ransomware gangs, nation-state actors, and financially-motivated cyber criminals. The most targeted countries in the region include Peru, Paraguay, Mexico, and Colombia.
Key Findings from Check Point’s Latin America Threat Intelligence Report:
- Most attacked industries: Industries facing the highest number of attacks include government/military, communications, and healthcare, with weekly incidents ranging from over 3,000 to nearly 4,000.
- Most prevalent malware: FakeUpdates leads the region, alongside Androxgh0st, Rilide, and other banking trojans and RATs.
- Primary attack vector: 64% of malicious files in Latin America were delivered via web-based attacks in the last 30 days.
- Top exploited vulnerability: Information disclosure attacks impacted 74% of organizations, underscoring the risk of exposed sensitive data.
Cyber Threats Shaping Latin America in 2025
- AI-driven cyber warfare
Nation-state actors are leveraging AI-powered disinformation, destructive malware, and cyberespionage to weaken institutions and create systemic vulnerabilities. As global tensions rise, cyber warfare will increasingly target critical infrastructure and financial systems in Latin America. - The evolution of ransomware
Cyber criminals are shifting from traditional file encryption to data-leak extortion, targeting healthcare, education, and critical services. This shift comes as law enforcement disrupts ransomware-as-a-service (RaaS) operations, leading to a fragmented but highly resilient ransomware ecosystem. - The rise of infostealers
With a 58% surge in infostealer malware, cyber criminals are harvesting credentials, session tokens, and VPN access to infiltrate corporate networks. As banking malware and botnets decline, infostealers are now the top threat enabling cyber criminals to sell access on the dark web. - Cloud security gaps
Cloud misconfigurations, poor API security, and hybrid-cloud complexity are leaving organizations vulnerable to data breaches and account hijacking. Attackers are increasingly exploiting single sign-on (SSO) dependencies and cloud-hosted AI models to gain unauthorized access to enterprise environments. - The weaponization of edge devices
Cyber criminals and nation-state actors are compromising edge devices, using them as operational relay boxes (ORBs) to anonymize attacks, exfiltrate data, and pivot deeper into networks. IoT and edge computing are the next frontier for cyber threats in Latin America.
Major Cyber Attacks in Latin America:
Recent attacks highlight the real-world impact of cyber threats across the region:
- Argentina’s Airport Security Police (Jan. 2025): Cyber criminals breached payroll systems, exposing sensitive financial and personal data.
- Costa Rica’s RECOPE (Dec. 2024): A ransomware attack forced Costa Rica’s state-owned fuel distributor to switch to manual operations, disrupting fuel logistics.
- Mexican Government Portal Gob.mx (Nov. 2024): The RansomHub ransomware group exfiltrated 313GB of classified government data, threatening to leak it on the dark web.
A Call to Action: Strengthening Cyber Resilience in Latin America
“To counter these growing threats, Latin American organizations must prioritize prevention-first security measures, including AI-driven threat prevention, cloud security best practices, and robust cyber hygiene. Investing in real-time threat intelligence, network segmentation, and employee awareness training will significantly reduce risks, says Antonio Amador, Head of Check Point Latin America and the Caribbean. “At Check Point, we are committed to securing the hyper-connected world and empowering Latin America businesses and governments with cutting-edge security solutions to combat rising cyber threats.”
For a deeper dive at the state of cyber security, explore our 2025 Security Report.