Brazil: How cybercriminals may take advantage of a political crisis
Security

Brazil: How cybercriminals may take advantage of a political crisis

This is a contributed piece by Luiz Eduardo Technical Director LATAM for FireEye

 

Due to the economic and political situation in Brazil it is common to hear that some information security projects have simply lost priority due to budget cuts. Many institutions would rather wait for improvement in the economic landscape before making any investment.

For the threat actors, the lack of budget is irrelevant. Across the globe, these actors take advantage of political instabilities to increase their destructive activities. While for businesses the first thing that comes to mind are the common consequences of a cyber-attack.

However, while this is interesting it is also rather well known. What we tend not to think of is the opposite situation: how do attackers take advantage of a political crisis to make a political statement?

For a country like Brazil with good diplomacy and without participation in wars and conflicts, there may be a false impression that it is not important to anyone else or even worse, as we have witnessed in some meetings, “these types of cyber attacks have not arrived in Brazil yet”.

But this can’t last forever. Because whereas some foreign companies and governments might question their investment and alliances with a country in crisis, others see all of these negative events as the potential for great opportunities.

So, what if the threat actors can help businesses and governments to see this potential with greater clarity?

Other than a few events in the second half of 2015 the cyber world has been eerily quiet in Brazil recently. There were some attacks related to the defacement of government or political party websites, others related to leakage of government agencies data.

Yet there has been no call to action by hacktivist groups as of this writing, no simultaneous cyber attacks along with the demonstrations in the streets. All this silence should be suspect, with a current political atmosphere that is very polarized. Yes, the world may be busy with a number of global events, but what is happening in Brazil has global relevance.

More worryingly, case studies reveal that an attacker is, on average, 146 days within the infrastructure of an organization until the attack is discovered. These days the threat actors are much better organized than before, they are persistent and still have nothing to lose.

Brazil has evolved with respect to laws specific to e-crimes, including a new anti-terrorism law that covers sabotage or gaining control of communications and critical-infrastructure. And while it is a clear development to finally see laws that consider possible technological threats, these laws should be more assertive in regards to the possible motivations of an attack. Because although all organizations are now better prepared for protection against what we call the known-attacks, the real problem is the lack of protection against unknown-attacks.

So, if the number of cyber attacks against your organization in Brazil has remained the same or increased this can actually be a good sign. However, if the number decreased considerably or simply disappeared, it is quite possible that your organization has already been compromised.

PREVIOUS ARTICLE

«Port to (Data) Port: What Linux containers can learn from shipping containers

NEXT ARTICLE

Twitter's NFL play: the first nail in the free web's coffin»
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

Recommended for You

keri-allan

Latin America’s push towards digital transformation

Keri Allan looks at the latest trends and technologies

martin-veitch-thumbnail

Meeting Owl brings new wisdom to conferencing

Martin Veitch's inside track on today’s tech trends

phil-muncaster

A rare glimpse inside the Chinese cybercrime underground

Phil Muncaster reports on China and beyond

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Should the government regulate Artificial Intelligence?