Latin America is still a low-tech place – and computer hackers are preying on it. Cybercrime cost Latin America and the Caribbean more than $100 billion last year, and the Inter-American Development Bank says it’s growing as much as 40 percent a year.
This week Miami is hosting CLAB (cl@b) – the Latin American Congress on Banking Automation – the world’s largest Latin American financial technology conference. One of its speakers will be Robert Villanueva, a former Secret Service agent who founded that agency’s cyber-intelligence section. He now heads cyber-threat intelligence at a South Florida-based tech startup called Q6 Cyber.
WLRN’s Tim Padgett spoke with Villanueva about the unique problems cybercrime poses in Latin America – where it even hit Bill Gates.
WLRN: In 2015, the IADB says there were 400 million attempted cyber-attacks throughout Latin America. In 2013, half of Latin American companies suffered computer malware attacks. That’s troubling news here in South Florida because of how connected we are to Latin America. Why is Latin America particularly vulnerable to cybercrime?
VILLANUEVA: And Tim, those are actually pretty conservative estimates. The issue you have is that a lot of Latin American businesses and financial institutions don’t have the awareness we see for instance in the United States, or the training or education.
So their employees in general are not on a daily basis concerned with the typical phishing attacks that you see in the United States. The primary delivery method in Latin America of most malware attacks and viruses is through phishing – those email compromises.
Latin America then is still lagging behind in terms of preventive technology?
Yes. Most of these attacks are originating from Eastern Europe. And now they’re seeing Latin America as the new frontier. And the most concerning thing we’re seeing now is direct communication between Eastern Europeans and Spanish cybercriminals, looking for new recruits in Latin America.
So you’ve got Eastern European cybercriminals partnering up with cybercriminals in Spain because of their language?
Yes. But for the most part, police in Latin America either don’t have the right tools or right training, or the actual legal statutes in place to do something about it.
So it’s not just a technical deficiency; it’s also a judicial deficiency that’s hurting Latin America in this area?
You’re essentially a private cyber-detective. Describe what that means and what you do.
We’re a global cybersecurity and cyber-intelligence company focusing primarily on the dark web.
Remind us what you mean by “dark web.”
It’s the part of the web where people traffic in all types of stolen financial data. We look at account data for financial institutions and we try to identify and locate malicious actors.
What are some of the more striking cases – and criminals – you’ve dealt with in Latin America?
There was one individual – a Bulgarian cybercriminal [Konstantin Kavrakov] – who the Secret Service had actually been pursuing a few years ago. He popped up traveling down in Asunción, Paraguay. Ironically enough, he was utilizing someone’s identity – and the person’s identity was actually Bill Gates.
Bill Gates the Microsoft billionaire?
Yes, believe it or not. So that’s how bold they are. He was using that identity to do a variety of different cybercrimes. But also he organized a group of several, about 15 different individuals that traveled around with him, and they were doing schemes in Paraguay and the Brazil area and Argentina. He was arrested – and let go – in Paraguay because of its lax laws. He was arrested in the Philippines [in 2015] and faced justice there.
How much did he steal from Gates?
He attempted a few hundred thousand dollars.
You’re a Miami native. Was there anything about growing up here that gives you certain insights into how to be a high-tech sleuth?
Well, South Florida is the No. 1 region in the United States for fraud in general. So there are a lot of folks down here who are involved with that – which gives you a good perspective of these miscreants online.
You spent 25 years in the Secret Service. We think of it as agents in sunglasses and earpieces protecting the president. Why did you believe the less glamorous field of cyber-crimefighting had to be part of the agency's work?
The Secret Service [was actually part of the Treasury Department]; it was founded back in 1865 for its investigative capabilities in cases like counterfeiting. This is just financial fraud that happens to be online.
So does it frustrate you to see Latin American governments and business still invest so little in tech education and R&D?
Yes, they’re very reactive in general – of course there are some exceptions – and they need to be more proactive in nature. They need to get cybersecurity and cyberintelligence plans to stay up to date with the bad guys.
The cl@b financial technology conference runs Aug. 30 through Sept. 1 at the Intercontinental Hotel in downtown Miami.