In 2011, hackers conducted the first successful attack on Brazilian Army computers. They didn’t manage to compromise strategic information during the attack, but they copied names and personal data of service members. The criminals also demonstrated that they were capable of overcoming a firewall on the Army network.
The incident underscored a need that had already been identified by the National Defense Strategy, which in 2008 defined information technology as a strategic sector for Brazil's defense. In 2011, authorities began to implement the Strategic Cyber Defense Project, which falls under the responsibility of the Brazilian Army.
The Strategic Cyber Defense Project has proved successful in preventing further attacks. The project's pillar is the Cyber Defense Center (CDCiber), located at Army headquarters in Brasília. Nine sub-projects focus mainly on training human resources as well as on research and development of cyber defense and security tools.
“In the virtual world, there are thousands of attempts to attack Information and Communications Technology (ITC) systems,” said Lieutenant General Paulo Sergio Melo de Carvalho, the head of CDCiber. Data, including that from the Center for the Study, Response, and Treatment of Security Incidents in Brazil (CERT.Br), corroborate “the perception that cyber threats are expanding exponentially with the Internet.”
In 2014, more than one million attacks against both civilian and military Internet-connected computers were reported throughout Brazil. The majority of these attacks correspond to fraud attempts (44.6 percent ), followed by scans on computer networks to identify targets (25.1 percent) and cyber-attacks to crash the operation of a specific service (21.3 percent).
Cyber Operations simulators help train Soldiers
To thwart such attacks, the Military is using the skills of both its and civilian personnel, some of whom provide training on how to detect and stop such assaults.
“The profiles of the professionals working in the sector range from people with managerial and technical skills in the field of information security to those with qualifications in the legal area and the research and development area, covering members of the Military and civilians,” Lt. Gen. Carvalho added.
There are various training strategies for each branch of such skill-mapping, from internships in national civil industries to courses offered by educational institutions of the Armed Forces, such as the Military Institute of Engineering (IME) and the Integrated Electronic Warfare Center (CIGE, for its Portuguese acronym). The CIGE is equipped with the country’s first Cyber Operations Simulator (SIMOC, for its Portuguese acronym), which is to help train teams participating in the Armed Forces’ operations Atlântico IV and Anhanduí later this year.
Through SIMOC, it is possible to run cyber protection actions in a controlled environment as well as conduct training based on real scenarios of catastrophes and compromises to national infrastructure.
Brazilian company Rustcom developed the simulator under guidance from CIGE and it has been in use since 2013. Simulated scenarios have been constantly renewed.
“Given that the development of the simulator is a continuous improvement process, new requirements are being introduced to improve the tool. This year, new scenarios will be developed that meet the specificity of the joint training under the Ministry of Defense,” Lt. Gen. Carvalho added.
Partnership with educational institutions
The protection of critical Brazilian infrastructure such as hydroelectric power plants, refineries, and telecommunications networks, is one of the critical focus areas for national defense. At least two of the Brazilian Army's seven current strategic projects are designed to minimize infrastructure threats.
While Project Proteger is concerned with physical security, the Strategic Cyber Defense Project aims to protect the virtual environment of these strategic structures. One of the project’s most recent initiatives was establishing the Electronic Security Laboratory for Communications and Cybernetics (LaSEC²), which was inaugurated March 3 in the Itaipu Technological Park.
LaSEC² will develop tools for ensuring the security of the federal government’s information assets, using security operations for the Itaipu hydroelectric power plant as a model.
“We will work on the protection of Itaipu as a case study, and at the same time, we will seek out national solutions [for cyber defense],” Lt. Gen. Carvalho said during the inauguration ceremony for the laboratory.
The hydroelectric power plant, located between Brazil and Paraguay, is responsible for supplying 17 percent and 75 percent respectively of the nations' consumed energy.
The laboratory is part of the National Information Security and Cryptography Network (RENASIC), one of the Strategic Cyber Defense Project's 10 sub-projects. Since 2008, when RENASIC was established, eight laboratories have been created throughout the country, in addition to LaSEC². Hundreds of university researchers participate in RENASIC with the goal of increasing Brazilian competencies in Information Security and Cryptography (SIC). Since they can make messages unintelligible and decipher encrypted messages, cryptography techniques play an important role in protecting data from unauthorized access.
Cyber defense policy to gain more support
The year 2015 has special importance for the cyber sector in Brazil. Studies and discussions are underway for creation of the National Cyber Defense School and the Cyber Defense Command. The Ministry of Defense stipulated the creation of these organizations in an October 2014 decree (Regulatory Decree 2,777/MD) as part of a series of measures to strengthen the country’s cyber defense policy. The initiative complements efforts being made in this area through the Army’s Strategic Cyber Defense Project.
The National Cyber Defense School will function as a center for National Cyber Defense research and development and include participation of military and civilian institutions and professionals. The Cyber Defense Command is expected to supervise, coordinate, and provide the technical and regulatory guidance for the activities of the Brazilian Cyber Defense System. The Army’s Cyber Defense Center (CDCiber) will focus solely on operations.
According to information from SOUTHCOM's Joint Cyber Center (JCC), CDCiber has collaborated for the past two years with U.S. Army South and the JCC on cyber defense military operation information exchanges.
Both the School and the Command will serve Soldiers from the three branches of Brazil's Armed Forces, with the Joint Chiefs of Staff coordinating operations.