Colombia Rises to the Cyber Challenge
By Dialogo April 01, 2013
Botnets, ethical hackers, malware, rootkits… all terms that sound like they come from a conversation in a Star Trek episode, but yet are now becoming household names in the face of an incipient domain of conflict.
In fact, “12 of the world’s 15 largest militaries are building cyberwarfare programs,” said James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies in Washington, D.C., to The New York Times in September 2012. Many European Union countries, the United States, South Korea, Japan, and Brazil are among those.
To stay on top of their game, Colombia is taking important steps forward to tackle cyber threats, a relatively new scourge that is growing exponentially, and defines a potentially new and contested realm for conflict in the 21st Century.
In the summer of 2012, the Colombian government made a commitment to broach cybersecurity and cyberdefense in order to enforce national information security, specifically through official organizations that would develop the bases and generate mechanisms to guarantee national security. The document, called CONPES 3701, established policy with national guidelines for cyber defense and cyber security for Colombia.
With this guiding principle, the South American nation officially concerted a whole-of-government approach to counter cyber threats and criminal activities in a coordinated and mutually supportive manner. By linking three parallel organizations designed to execute specific responsibilities in the cyber space domain, including the Joint Cyber Command (CCOC, for its Spanish acronym), the National Police Cyber Center (CCP) and the Ministry of Defense’s Computer Emergency Response Team (colCERT), Colombia built an initial cyber unit.
The CCOC was created with an initial force of 20 experts from backgrounds in communications, engineering, aviation and intelligence from all three Colombian Military branches to tackle cyber defense of the state, respond to cyber attacks, ensure critical infrastructure protection and defend military computer networks. On the other hand, the operating staff at the CCP, which depends on the National Police’s Criminal Investigation Directorate and Interpol, undertakes cyber security through law enforcement, investigation and prosecution of cyber-related crimes. Finally, the Ministry of Defense’s colCERT is mainly responsible for duties such as mitigation, prevention, addressing cyber incidents, as well as providing technical expertise and cyber security vulnerability awareness.
In December 2012, representatives from the Joint Cyber Center at the United States Southern Command’s (SOUTHCOM), and the U.S. Department of Defense’s Chief Information Officer (CIO), visited Colombia for a Subject Matter Expert Exchange (SMEE) with Military representatives of the newly-created CCOC and colCERT. The CIO is the Dept. of Defense’s primary authority for the policy and oversight of information resources management, to include matters related to information technology, network defense, and network operations.
“Since you’ve already gone through the long road [of development], we hope to gain keen insight on the steps toward making our joint cyber command operational …,” said Colombian Navy Captain William Hernandez, one of the CCOC participants at the SMEE.
In addition to setting the landscape for the capabilities needed to build a cyberspace operation force, in the three days of discussions, the partner nations shared ideas on topics ranging from the military roles in cyber; the civil, economic and military perspectives on its importance; the challenges this new domain presents, as well as the importance of having a national strategy to dictate procedures and actions. Other important discussions included cyber responsibilities to defend the homeland; the importance of multinational collaboration and information sharing as critical enablers; and critical infrastructure protection, among others.
Colombian Army Colonel Erich Siegert –current CCOC director– and his staff of cyber experts took advantage of the exchange to gain insight from SOUTHCOM cyber experts on creating a joint cyber command of their own, on how the U.S. initially stood up the United States Cyber Command, and on creating opportunities for future collaboration and recommendations.
Col. Siegert explained to Diálogo that 30 enlisted military personnel, 10 from each service, were selected to go through a customized cyber specific training program. “Half of these were assigned to the CCOC, while the other half went back to their respective service to work cyber operations from within,” he said. “Our intention is to expand from the organization we set up on November 12,” he underscored. So much so, that in order to emphasize the significance of the CCOC, the General Staff’s goal is to upgrade the director position to that of a general officer as soon as 2013.
Colombian Army Captain Milena Realpe, who also attended the SMEE, clarified that a presidential directive empowered the Ministry of Defense and the General Staff to exercise tasking authority over the services for cyber related activities. “The CCOC was designated Colombia’s defense joint and strategic lead for cyber,” she said.
Ultimately, the CCOC hopes to sustain a 24/7 operational capability with direct coordination from each of the Military services. “Each service will have dedicated cyber forces to work service-specific issues and coordination for the CCOC,” said Col. Siegert.
All in all, the triad between the CCOC, colCERT and CCP represents Colombia’s first critical steps against emerging threats in cyberspace. “The country’s commitment to creating these organizations makes the South American nation a regional advocate for cyber cooperation and positions it as a proactive participant in the global movement for action in cyber operations,” said U.S. Air Force Major Michael Donahue, SOUTHCOM cyber expert.