Mexico City, Mexico |  June 17, 2025 The Digi Americas Alliance, in collaboration with Duke University Pratt School of Engineering and Recorded Future, released the “LATAM Financial Sector Threat Landscape 2025: Evaluating Actor Targeting and Defense Strategies for Latin American Financial Sector Institutions.” The report offers a view into the region’s increasing cyber risks and offers urgent recommendations to private and public sector leaders.

Despite rapid digital growth in fintech and e-commerce since the COVID-19 pandemic, the region suffers from chronic underinvestment in cybersecurity, a shortage of specialized professionals, and significantly limited regulatory oversight – leaving both the private and public sector vulnerable. The growing threat is exemplified by high-profile incidents, such as the ransomware attack on Costa Rica’s Finance Ministry and Brazil’s court system, underscoring the need to address the proliferating threat.

The report identifies five major threat actors — CL0P, LockBit, Mispadu, Horabot, and Blind Eagle — using similar tactics, techniques, and procedures (TTPs) to target financial institutions across the region. The study also emphasizes the need for threat-actor-informed defense strategies, enabling institutions to anticipate common attack methods and implement more effective cybersecurity controls.

“This report is a call to action for Latin America’s financial sector,” said Belisario Contreras, Coordinator of the Digi Americas Alliance. “As threat actors become more sophisticated and relentless, our institutions cannot afford to remain reactive. Strengthening our region’s cyber resilience requires coordinated action—from investment in talent and technology to adopting intelligence-driven defense strategies. At Digi Americas, we’re committed to working with governments, industry, and academia to close these gaps and safeguard the region’s financial future.”

With data breaches up 34.5% and ransomware attacks surging 84% globally in 2023, the report serves as a wake-up call for financial institutions, regulators, and cybersecurity professionals working to build a more resilient digital economy in Latin America. Moreover, only 7 of the 32 countries in the region have plans to protect their critical infrastructure, and just 20 have operational Computer Security Incident Response Teams (CSIRTs). As the global cyber-threat landscape matures, Latin America’s cybersecurity challenges are increasingly urgent.

To support the cybersecurity of financial institutions in the region, the Digi Americas Alliance and Duke University Pratt School of Engineering, through the report, provide 12 key strategic recommendations and steps the sector can take to protect itself.

By implementing these recommendations and reaffirming their commitment to cybersecurity, financial institutions can play a pivotal role in advancing the region’s overall resilience and strengthening the cybersecurity posture of the financial sector:

• Implement Regional-Specific Security Controls
• Establish Financial Sector CSIRT Networks
• Strengthen Cross-Border Incident Response
• Strengthen Human-Centric Security Awareness
• Secure Digital transformation & Access Controls
• Enhance Third-Party Risk Management & Monitoring
• Harmonize Reporting Requirements
• Enhance Information Sharing
• Strengthen Cybersecurity Infrastructure
• Improve Cybersecurity Education and Workforce Development
• Strengthen Regulatory Frameworks
• Foster International Collaboration

For more information, you can read the full report here.