
By Roberto Gallo and Paulo Sergio Melo de Carvalho

  

A combination of counterintelligence, euphemisms and simple ignorance of cyber activity hinders the implementation of a strategic agenda for the Brazilian cyber sector.
 
Introduction
 
Cyberspace relates to the use of computer networks over which information travels in real time. The greatest difficulty in conceptualizing it lies in transposing it from the virtual to the real world and in delimiting its borders, a fact that has been worrying nation-states because it affects national sovereignty.
 
However, one fact is unquestionable: human activities are increasingly dependent on computer networks which, despite the enormous benefits they bring to decision making by government authorities and executives, reducing costs and time, are vulnerable to a new threat, the Cyber War.
 
The protection of the computer networks of government agencies and related companies is a matter of National Security and should be a concern for the whole of society, extending beyond the military environment, with the understanding that Cybersecurity is the normal situation and Cybersecurity consists of all actions taken to obtain, maintain or restore the condition of Cybersecurity when it is compromised by hostile acts originating in other nation-states.
 
Nowadays, those who follow national or international news have seen countless reports of cyber incidents, ranging from the availability of critical infrastructures (telecommunications, energy and the banking system, among others), through the theft of secret information from weapons projects and diplomatic communications, for example, to actions with kinetic results that lead to loss of life, as in the case of the destruction of Iranian uranium centrifuges.
 
Many of these reports are the result of military operations sponsored and/or carried out by nation-states and, although they are relatively numerous, proportionally few gain prominence in the media.
 
This is easy to understand: for many of these operations, the measure of success is precisely not being discovered. In other words, it is totally fair to say that there are indeed conflicts in progress in the cyber domain around the world, often sponsored by state entities against both private and public targets, even though there are currently no “open wars” in the classic sense.
 
The obvious aside, some aspects go unnoticed by the non-military actors of the Defense ecosystem and deserve to be explained.
 
Operational coordination.
 
In the current world situation, characterized by the uncertainty, mutability and volatility of potential threats, as well as by the presence of new non-state actors in possible conflict scenarios, the military expression of National Power in any country must be permanently prepared, considering current and future international disputes.
 
For this, strategic-operational measures must be adopted so that they can respond promptly and adequately, anticipating possible adverse scenarios for National Defense.
 
In this context, the Nation-State needs to be able to oppose external and internal threats that may affect its sovereignty, in a manner compatible with its own dimension and its political-strategic aspirations on the international stage.
 
This allows the country to achieve strategic objectives and preserve its national interests, in addition to the exercise of the right of defense guaranteed by the Federal Constitution and the international legal order.
 
Thus, Cyber Defense must be established as a fundamental activity for the success of military operations at all levels of command, insofar as it enables the exercise of Command and Control through the protection of information assets, while allowing that same exercise to be denied to the opponent.
 
As a specialized activity, its execution is based on a systemic conception, with methods, procedures, characteristics and vocabulary that are peculiar to it.
 
Cyber operations can occur strictly in the 5th domain of the battlefield or in coordination with kinetic operations in the other domains (land, sea, air and space). A classic example is the takedown of the communications system in the Republic of Georgia before and during the 2008 Russian invasion. Kinetic actions in support of cyber actions are also possible, whether in the physical positioning of signals intelligence (SIGINT) equipment or in social engineering against a target.
 
Wrapping, but not.
 
Today, the cyber world still has no equivalent of what gunpowder or nuclear fission was in the physical world. As a result, a strategy of encastelamento, that is, 100% protective fortification in Defense, is reasonably effective, delaying the opponents' success.
 
However, often fueled by the distorted perception of suppliers in the world of Information Technology, some hold the mistaken view that protection capabilities are sufficient.
 
This perception is false. Just as in the kinetic world, it is important to deny the environment to the opponent, to shoot down their platforms to stop an attack, or simply to show muscle for the purpose of deterrence.
 
Non-attribution of origin.
 
In the cyber domain, a minimally competent attack leaves no definitive evidence of authorship. Most of the time, attribution of the origin of attacks is circumstantial and probabilistic.
 
How to exercise deterrence in a context where retaliation is limited?
 
The answer comes along two axes: intelligence actions aimed at resolving targets and, concurrently, a strong counterattack capability, which offsets, from the opponent's point of view, the low chance of being caught. In other words, in the cyber domain, deterrence requires “sharp teeth and sharp eyes”.
 
Variety, not quantity.
 
Developing a conventional weapon, for example an intermediate 4th-generation air-to-air missile, involves investments approaching R$ 1 billion, followed by low-volume production of units that can cost in the range of R$ 500 thousand.
 
Readiness with such a weapon mainly means having the local productive capacity, acquired through indigenous development or offsets, and an arsenal with a reasonable number of units. After all, 100 units of a missile can do 100 times more damage than a single one.
 
The logic of cyber weaponry is very different: when done in series, developing a cyber artifact can cost as little as hundreds of thousands of reais, while its use has zero material cost if no third-party licenses are involved.
 
However, with each use there is a reasonable chance that a given weapon will become harmless as the vulnerability or vulnerabilities it exploits become known to the target. Taking this neutralization power into account, it is easy to conclude that a cyber offensive capability typically has a much more favorable cost-benefit ratio than its kinetic counterparts.
 
Thus, in the cyber world, readiness means the constant development of varied artifacts. Cyberspace has no physical limitations of distance and space and no geographically defined limits; it is changeable and dependent on environmental conditions and human creativity, and its side effects can be uncontrollable, which implies that no computer system is fully secure.
 
In short, cyberspace is sui generis and dual, since it is usually difficult to attribute attacks or to know whether they come from actions carried out by nation-states or not.
 
Discussion
 
Those who follow the media, especially the channels specialized in information technology that comment on Defense topics, will rarely find clear references to offensive capabilities or cyber weapons. The resulting impression is that situations such as Stuxnet, used against Iranian nuclear installations, are an exception when, apart from the specific degree of sophistication, they are common.
 
On the other hand, in nation-states with a peaceful constitution and history, where defense is thought of as elements of protection of national integrity, with well-defined borders, the reality of the cyber world is at odds with the traditional pacifist deterrent ideas.
 
The main reasons for these divergences are related to the immateriality of physical borders and the difficulty in attributing the origin of attacks.
 
This gap is, implicitly, politically indigestible, while the necessary exercise of offensive capabilities in peacetime goes beyond the military sphere.
 
In this context, often the objective reality of the sector is simply ignored or, in less serious cases, euphemisms, such as “active defense”, are used.
 
It is easy to see how this scenario hinders the strategic horizon of indigenous readiness in any country.
 
For the attacking nation-state, cyber war can be less expensive, both financially and politically, when the attack cannot be seen, making it a viable and appropriate alternative, according to the prospective scenario.
 
From a defensive point of view, the cyber threat can be considered more complex, given the diversity and vulnerabilities of the technology itself. Thus, the adaptation of the Nation-State to face it must be approached with responsibility, flexibility, speed and strategic vision, with an emphasis on intelligence and information technology activities.
 
Not only should the nation-state seek the implementation of new cybernetic structures in the governmental context, but actions in favor of synergy with other partners should be encouraged, through rules for purchasing, contracting and developing products and systems in the areas of information and intelligence technology, fundamental knowledge in this new operational domain of war, cybernetics.
 
The development of Cyber Defense in the nation-state should therefore increase its capacity to act in a network with government agencies, public and civil agencies, academic institutions and the defense industrial base, in order to improve its protection, exploration and prompt-response activities against latent cyber threats from other nation-states, organizations and even diverse groups with the most varied motivations.
 
 
Roberto Gallo has worked in cybernetics since 1999. He is the founder and executive director of KRYPTUS EED S/A, coordinator of the cybernetics committee at ABIMDE and associate professor at the Escola Superior de Guerra de Colombia. He is a laureate of the “Air Marshal Casimiro Montenegro Filho” award from the Presidency of the Republic of Brazil for his doctoral thesis in the Cybernetics area.
 
 
Paulo Sergio Melo de Carvalho, reserve division general, was Chief of the Cyber Defense Center, responsible for carrying out collaborative activities and integration in the Military Cyber Defense System, from March 2014 to April 2016, and the first Commander of the Cyber Defense Command. Currently, he works as a consultant in the cyber sector, working on the FAPESP Project Academic Network of the State of São Paulo (ANSP Network) and advising companies, as well as being an associate professor at the Escola Superior de Guerra de Colombia.

Source: The Defesanet
