Cyber attacks are a constant in the daily news and countries are preparing for a network battle.
Nowadays, the apparent peace and tranquility between most governments, state and even private companies, is really just in appearance. Today we are already at war, a cyberwar, considered an evolution of conventional warfare, being waged in a common zone where everyone is connected: the internet.
Some governments already consider this zone a fifth domain of war, being by sea, land, air and space and, today, electronics. Almost all countries are already preparing for network battles, and they set up their own policies while there is still no international policy that provides legal certainty and sets combat rules.
The United States, for example, has already announced its defense strategy to this new war modality. For them, any attack from another country that affects their critical structures, including infrastructure companies, and causes damage, destruction or death could be considered an act of war, and will be answered as such, using conventional military force. .
Until a few years ago, the world was only facing arms wars between countries. Today, the world faces wars originating from small groups, which take advantage of the low cost of a cyberwar and their huge potential for disaster to develop large-scale attacks.
The three main reasons for choosing this type of war can be considered for the ease of espionage, because it is a silent attack without identity; for political reasons or terrorism, in order to bring damage, impacts and damaging infrastructure.
As a target, we can include governments, all major corporations, such as energy companies, transportation companies, financial and telecommunications companies, among others.
In Brazil, the government is concerned with “militalizing” cyber space by increasing control in the network environment. To this end, it has opened a special platoon for cyberwar, with a separate structure for this new modality. The country is preparing to be able to control not only air, sea or land attacks, but also to be aware of what is happening in the internet space and to prevent attacks and major disasters.
Despite the still embryonic maturity, the country should increase this maturity on the subject when it recognizes the need for specialized teams in Information Security. This concern lives up to Brazil's high exposure in this and the coming years, as the country will host major world events.
A significant case in the country occurred in May 2009, when a hacker changed the password of a government server and asked for thousands of dollars to reveal the new password. However, at the time, the affected agency had backup of all sensitive information and the server was recovered without the need to pay ransom.
Currently, we have been following several “graffiti” pages of government and companies. But it is not just governments that are potential targets for cyber attacks. Large corporations, where the physical impact may be greater than the technological one, need to ensure their security in order to prevent network attacks, cyber espionage, domestic and foreign malware infection, and virus hosting by mobile devices deployed by people.
We have seen cases like Aurora, supposedly created by China, which aims to capture information from specific companies, such as Google, which was one of dozens of victims of this attack. Another occurrence was the presence of malware on US Air Force drone planes, where a virus infected the aircraft cockpits, recording all commands sent to these ships, which are used in combat missions in countries such as Afghanistan, Iraq and others.
Each year the number of attacks on public agencies and corporate environments increases. We know that the government cannot protect private institutions, so it is necessary that companies have a policy against this new phenomenon of the internet. Constant technological innovations are tools that increase the risk of attacks, but they can also be allies to combat these cyber attacks. A good way to start protecting yourself is to make the Information Security area an ally and partner with all areas of the company, and be able and ready to keep the critical environment healthy and available for the business to operate.
* Umberto Rosti is CEO of SAFEWAY