BOGOTÁ, Colombia – Botnets, ethical hackers, malware, rootkits – all terms that sound like they come from a conversation in a Star Trek episode. But they are becoming household names in the face of an incipient domain of conflict.
“Twelve of the world’s 15 largest militaries are building cyberwarfare programs,” said James A. Lewis, a cyber security expert at the Center for Strategic and International Studies in Washington, D.C., to The New York Times in September 2012. Many European Union countries, the United States, South Korea, Japan, and Brazil are among the involved nations.
To stay on top of its game, Colombia is taking important steps forward to tackle cyber threats, a relatively new scourge that is growing exponentially and defines a potentially new and contested realm for conflict in the 21st century.
In the summer of 2012, the Colombian government made a commitment to broach cyber security and cyber defense to enforce national information security, specifically through official organizations that would develop the bases and generate mechanisms to guarantee national security. The document, called CONPES 3701, established Colombia’s policy and guidelines for cyber defense and cyber security nationwide.
With this guiding principle, the South American nation officially concerted a total government approach to counter cyber threats and criminal activities in a coordinated and mutually supportive manner.
By linking three parallel organizations designed to execute specific responsibilities in the cyber space domain, including the Joint Cyber Command (CCOC, for its Spanish acronym), the National Police Cyber Center (CCP) and the Ministry of Defense’s Computer Emergency Response Team (colCERT), Colombia built an initial cyber unit.
The CCOC was created with an initial force of 20 analysts with backgrounds in communications, engineering, aviation and intelligence from all three Colombian Military branches to tackle cyber defense for the state, respond to cyber attacks, ensure critical infrastructure protection and defend military computer networks.
On the other hand, the operating staff at the CCP, which depends on the National Police’s Criminal Investigation Directorate and Interpol, undertakes cyber security through law enforcement, investigation and prosecution of cyber-related crimes.
Finally, the Ministry of Defense’s ColCERT is mainly responsible for duties such as mitigation, prevention and addressing cyber incidents, as well as providing technical expertise and cyber security vulnerability awareness.
In December 2012, representatives from the Joint Cyber Center at the United States Southern Command (SOUTHCOM), and the U.S. Department of Defense’s Chief Information Officer (CIO), visited Colombia for a Subject Matter Expert Exchange (SMEE) with Military representatives of the newly-created CCOC and ColCERT.
The CIO is the Department of Defense’s primary authority for the policy and oversight of information resources management, to include matters related to information technology, network defense, and network operations.
“Since you’ve already gone through the long road [of development], we hope to gain keen insight on the steps toward making our joint cyber command operational,” said Colombian Navy Capt. William Hernández, one of the CCOC participants at the SMEE.
In addition to setting the landscape for the capabilities needed to build a cyberspace operation force, the partner nations, during a three-day discussion, shared ideas on the following topics:
- ::The military role’s in cyberspace;
- ::The civil, economic and military perspectives on cyberspace and its importance and challenges the domain presents;
- ::The importance of having a national strategy to dictate procedures and actions in cyberspace;
- ::The use of cyberspace for national defense;
- ::The importance of sharing cyberspace information among nations;
- ::The critical need to protect cyberspace infrastructure.
Colombian Army Col. Erich Siegert, who directs the CCOC’s director, and his staff of cyber experts took advantage of the exchange to gain insight from SOUTHCOM cyber experts on creating a joint cyber command of their own.
Col. Siegert said 30 enlisted military personnel –10 from the Army, Navy and Air Force – were selected to go through a customized cyber-specific training program.
“Half of these were assigned to the CCOC, while the other half went back to their respective service to work cyber operations,” he said. “Our intention is to expand from the organization we set up on Nov. 12.”
In order to emphasize the significance of the CCOC, the General Staff’s goal is to upgrade the director position to that of a general officer as soon as this year.
Colombian Army Capt. Milena Realpe, who also attended the SMEE, said a presidential directive empowered the Ministry of Defense and the General Staff to exercise tasking authority over the services for cyber-related activities.
“The CCOC was designated Colombia’s defense joint and strategic lead for [cyber-related activities],” she said.
Ultimately, the CCOC hopes to sustain a 24-hour, seven-days-a-week operational capability with direct coordination with all branches of the military.
“Each service will have dedicated cyber forces to work service-specific issues and coordination for the CCOC,” Siegert said.
All in all, the triad between the CCOC, ColCERT and CCP represents Colombia’s first critical steps against emerging threats in cyberspace.
“The country’s commitment to creating these organizations makes the South American nation a regional advocate for cyber cooperation and positions it as a proactive participant in the global movement for action in cyber operations,” said U.S. Air Force Maj. Michael Donahue, a SOUTHCOM cyber expert.