In a building of Puerto Maduro, a waterfront neighborhood of Buenos Aires, service members monitor their computer screens around the clock. Distributed Denial of Service (DDoS), antivirus neutralization, or confidential data propagation are some of the attacks that the Argentine Armed Forces seek to prevent, as part of their role at the Cyber Defense Joint Command (CCCD, in Spanish), a body of the Joint Chiefs of Staff created in 2014.
Unlike their colleagues who work in the field, elements of the CCCD face attacks in the operational environment known as the fifth domain or cyberspace, which complements the classical dimensions: land, air, sea, and space. Their objective is to detect threats and manage risks of cyberattacks against critical IT infrastructure necessary to fulfill military missions and the systems of essential services for national security (such as weapons systems, power networks, nuclear stations, or financial systems), and, in the event of an attack, to recover capabilities quickly.
“We are prepared to face different events that might come from a state, a nongovernmental organization, [or] individuals seeking profit and hacking just to become famous,” Argentine Army Brigadier General Tomás Moyano, CCCD commander, told Diálogo.
As technology advances, security threats to computer systems increase, with enemies shifting methods to discover new vulnerabilities. The challenge is enormous.
In August 2019, for example, a hacker circumvented the security of Argentina’s Federal Police computer system and made public 700 GB of data, including classified information, ongoing criminal investigations, and personal information of police agents. The Argentine Naval Prefecture’s Twitter account was also hacked and spread fake news (such as British missiles attacking Argentine ships) and hostile messages.
Claudio Pasik, director of Argentine cybersecurity company NextVision, told Diálogo that these events highlight two main concerns: piracy and confidential information leaks, which might endanger law enforcement security, and the publication of false information through trusted outlets (such as the accounts of government authorities), which might affect the national defense strategy.
The fake tweet had no serious repercussions, but the use of trusted profiles to disseminate fake news could have far-reaching effects. In 2013, for example, the cyberattack against the Twitter account of news agency the Associated Press — which indicated that then U.S. President Barack Obama had been hurt in a bombing attack at the White House — caused a stock exchange crash, the daily the Financial Times reported.
“Threats are getting increasingly sophisticated and complex,” said Pasik. “There are more and more different devices that are at risk of being attacked within a company or state institution.”
Although Argentina hasn’t experienced devastating events such as the cyberattack of June 2017 that paralyzed Ukraine — which targeted power companies, airports, banks, transport systems, and almost every federal agency — the threat in the region is real. The virus NotPetya, which the U.S. and British governments publicly blamed on Russia, also affected other countries and global companies, such as U.S. pharmaceutical company Merck and Danish container shipping corporation Maersk, U.S. magazine WIRED said in series of articles.
According to investigations carried out in August 2019 by international cybersecurity company Kaspersky, Latin America faced 45 million cyberthreats in 2018. Brazil and Mexico top the list of countries in the region with the most attack attempts. Argentina, the company added, suffered almost 50 cyberattacks per minute. In an interview with U.S. magazine Harvard Business Review, an Interpol advisor in cybercrime said that 80 percent of hackers have ties to organized crime.
In view of these challenges, Argentina seeks to reinforce its response capabilities. In October 2019, the Ministry of Defense announced the creation of the National Cyber Defense Center, which will gather defense platforms and systems, such as CCCD, in addition to creating the Cyber Defense Consulting Committee, to conduct military strategic planning for cyberspace. In June, the CCCD also organized the first cyberdefense seminar in Argentina, gathering subject matter experts from the region.
“Our daily work is based on three core principles that we’ve identified: The first is education, the second is identification of human resources who are suitable to work in this environment, and the third is integration, because resources related to cyber conflicts, both public and private, can and should work jointly,” Brig. Gen. Moyano concluded.