The Brazilian Army’s (EB, in Portuguese) Cyber Defense Command (ComDCiber, in Portuguese) brought together military and civilian institutions for an unprecedented exercise at Fort Marechal Rondon in Brasília, July 3-6, 2018. The Cyber Guardian (Guardião Cibernético) exercise simulated potential cyber incidents in the finance, nuclear, and defense fields to promote collaboration among participants and find the best solutions to issues.
A total of 115 participants from 23 organizations analyzed and solved 62 simulated scenarios related to the security of the Brazilian government’s critical structures. “The cyber domain threat is real, and a problem for the entire nation. It’s impossible to guarantee 100 percent security,” said EB Lieutenant General Guido Amin Naves, commander of ComDCiber. “We should promote integration with the various sectors of society to reduce vulnerability.”
Representatives from the Brazilian Armed Forces, the Presidential Security Cabinet (GSI, in Portuguese), the ministries of Defense and Foreign Affairs, and the Central Bank, as well as public and private banks and companies within the nuclear field, participated in Cyber Guardian. During the exercise, a study group drafted the National Network Incident Response Plan. The plan to be presented to GSI will serve as the foundation for the country’s future regulatory framework in the cyber field.
According to Brazilian Navy Rear Admiral Márcio Tadeu Francisco Neves, head of ComDCiber’s Joint Chiefs of Staff, the exercise prioritized the main critical infrastructures in Brazilian cyberspace. “We must test vulnerabilities, check on participants’ reactions, and promote integration to create a network,” he said.
The first edition of Cyber Guardian sets the format for similar exercises, including the possibility of international participation. “Collaborative action is not limited to internal organizations,” Lt. Gen. Amin said. “There are no boundaries in cyberspace, and we must promote cooperation with partner nations’ armed forces, establish partnerships, and share procedures in pursuit of security. International cooperation may be the focus in other editions of [Cyber] Guardian.”
Participants carried out the exercise with the National Cyber Operations Simulator, a tool exclusive to EB. “We raised various scenarios going from standard to malicious cyber incidents and extreme crisis within a fictitious country named Topázio,” said EB Lieutenant Colonel Walbery Nogueira de Lima e Silva, technical coordinator for the exercise. “In the simulation, the country’s critical structures were compromised and participants had to coordinate combined interagency operations to solve the issues and guarantee the security and well-being of the population.”
Participants divided into groups to evaluate simulated scenarios with the exercise’s crisis department. Experts analyzed the problems presented with the Request Tracker, a ComDCiber-developed software that supports decision-making of virtual crimes. “For the purpose of the exercise, all issues addressed were specific to the nuclear and financial fields, with incidents that institutions already experienced or likely vulnerable situations,” Lt. Col. Walbery said.
The incident response team from the Ministry of Defense of Topázio comprised service members from the three armed forces. “We followed and analyzed all incidents and advised the people in charge of implementing the responses,” said Brazilian Air Force (FAB, in Portuguese) Captain Júlio Cesar Moura de Oliveira, who took part in the exercise.
Capt. Júlio Cesar works at the Network Incident Response of FAB’s Air Computer Center. His role during the exercise was similar to his daily FAB duties. “The difference in the exercise is that I worked jointly with the other armed forces and participating agencies, and had the opportunity to incorporate and create a network that will be very useful in future events,” he said.
An attack on telephone companies, with severe consequences to the internet, was among the simulated scenarios. The incident, although not directly linked to security data of participating institutions jeopardized their operations. “The objective was to practice cooperation. The timely restoration of the system was beneficial to all,” said EB Major Renato Vargas Monteiro, who works at the Ministry of Defense’s Cyber Defense Center and took on the role of security events coordinator for the exercise.
Cyber Guardian also simulated a cyber incident at a nuclear plant, causing a blackout in an important region of the fictitious country. The scenario tested institutions’ response time and preventive measures needed to avoid similar incidents from occurring. “Each incident helps improve the process and expands security awareness,” said Brazilian Navy Lieutenant Commander Cláudio Farias de Lima.
Cyberdefense, stressed Lt. Cmdr. Cláudio, begins with each member of the organization. “Sometimes, people bring the biggest vulnerabilities. When it comes to security, we must be on permanent alert.”
“Attacks via email and messages with malicious software capable of secretly accessing a device increased by 90 percent between 2016 and 2017,” said Regis de Souza Carvalho at Cyber Guardian’s opening ceremony. At the event, De Souza, a professor of Computer Systems and Cyberdefense at EB’s Military Institute of Engineering, highlighted the most recent data from the 2017 Norton Cyber Security report. According to the report, Brazil comes in at second for the highest number of cybercrime cases, affecting about 62 million people and amounting to a $22 billion loss.