Andersonn Kohl*
The advance of digital transformation, now accelerated by 5G technologies, requires public and private organizations to take even greater responsibility for the impact of their activities on the entire cyber ecosystem. As the interconnectivity and interoperability of systems intensifies, so does the responsibility of everyone to secure their networks.
Cyber incidents are considered the top risks to businesses today, according to the Allianz Risk Barometer 2022 report. The possibility of a cyber attack affecting the business is the top concern for 44% of the 2,650 respondents in 89 countries.
Without geographical boundaries or barriers between the physical and digital, cybercriminals are looking for vulnerabilities in systems anywhere in the world. Banks, government institutions, energy networks, commerce, services, companies of all sizes and sectors can be targeted; no one is completely immune.
In the case of critical infrastructure – hydroelectric and nuclear power plants, the financial system, air transport, water supply, logistics services, etc., attacks can affect an entire society and put the sovereignty of a country at risk. The cyber attack that last year paralyzed the operations of the US company Colonial Pipeline, responsible for the distribution of more than 40% of the fuel on the East Coast of the United States, is a clear example of the impact that goes far beyond the corporate scope of the cybercrime target.
In the Defense field, cyber conflicts between countries have been registered more frequently in recent years, but it was mainly after the Russian-Ukrainian War that broke out in February this year, that the debate about the real risk of a Cyber War left the discussions between experts and became an agenda discussed by society.
This has been a concern of Brazil’s Armed Forces since 2008, with the 1st Edition of the National Defense Strategy, consolidated in 2014, when the Cyber Defense Command (ComDCiber) was created, a government initiative to strengthen the national cyber defense strategy, which brings together military personnel from the Navy, Army and Air Force.
More recently, in 2020, the Ministry of Defense announced the creation of the Military Cyber Defense System (SMDC), with ComDCiber as its central body. The SMDC aims to conduct protection, exploitation and cyber-attack actions for the benefit of the National Defense, aiming at benefits for society as a whole, and also to support cybersecurity in interagency activities, such as the protection of the country’s critical infrastructures.
The data indicates that Brazil is on the right track. Last year, the country improved 53 positions in the world cybersecurity ranking released in 2021 by the International Telecommunications Union (ITU), a UN agency. Brazil jumped from 71st to 18th place, and among the American countries is in 3rd place, surpassed only by the USA and Canada. The ITU survey on cybersecurity governance involved 194 countries.
Despite the positive scenario, there is still much to be done to strengthen our cyber ecosystem. The maturity of our Cyber Defense is clear, driven by constant training and the joint work of the Armed Forces with government agencies, academia and the private sector – the so-called triple helix.
At Atech we have contributed, together with Tempest, another Embraer Group company, with our technologies for the advancement of the country and public and private organizations in the field of cyber defense and cybersecurity.
We have in our portfolio comprehensive and customized solutions that aim to preserve assets, reduce losses and add value to businesses and institutions, The Arkhe Cyber , a robust set of solutions to provide security and high availability to systems and infrastructure, ensuring the integrity of digital assets, information protection, planning, detection, analysis and response to cyber events and physical and logical defenses.
To reinforce our expertise in this segment and in systems integration and engineering, we annually participate in cyber exercises in Brazil and other countries. One of them is Exercise Cyber Guardian (this year in its version 4.0), considered the largest cyber exercise in the Southern Hemisphere. In the third edition of Guardião, in October of last year, Atech acted with SDA – Air Defense System. Our team was responsible for the C4I and C2 technologies for integration, command and control, intelligence and situational awareness, which assist decision making in threat situations, including cyber attacks in scenarios with military characteristics.
In the Brazilian exercise, our team also shares the knowledge acquired in national and international cybersecurity activities. The main one is Locked Shields, the largest and most complex Cyber Defense Exercise in the world, in which we participated for the second consecutive year in April.
The training, organized by the NATO (North Atlantic Treaty Organization) CCDCOE (Cooperative Cyber Defense Center of Excellence), simulates attack and cyber defense of critical systems in different scenarios and environments in a fictitious country.
During two days, our team and the participating teams exercised the protection of national IT systems and critical infrastructure under the pressure of a large-scale cyber attack. Besides protecting various cyber-physical systems, the teams practice tactical and strategic decision making, cooperation and chain of command in a crisis situation, where they also have to deal with forensic and legal issues.
Atech was the only Brazilian company to participate in the 2022 edition of Locked Shields, having the opportunity to globally present our country’s experience and technological capacity.
This year we also participated in CyCon 2022 – International Conference on Cyber Conflict, which took place from May 31st to June 3rd, and has been held for 14 years by CCDCOE in Tallinn, Estonia.
The Conference brought together representatives from government, military, academia and industry to discuss technical, legal and policy aspects of cyber security and defense. In this edition, the central theme was Keep Moving!, with discussions on cybersecurity in transportation and the supply chain, autonomous technologies, and automation, encouraging participants to think about ways to coordinate joint responses to the challenges brought by new technologies and ways not to be paralyzed until the next global crisis.
In matters of cyber security and defense we have to be always one step ahead, in continuous motion and looking to the future of new technologies as well as the evolution of attack techniques, and how both will impact the cyber ecosystem, requiring us to be increasingly empowered to provide maximum protection for all.
*Andersonn Kohl is Commercial Manager at Atech. *** Translated vby DEFCONPress Team ***