Yesterday, the Olhar Digital accompanied the National Cybersecurity Forum. In it, several authorities spoke about the challenges facing Brazil in the area. Among them, two directors from the Ministry of Science, Technology and Innovation (MCTI). They presented an idea, let's say, out of the box: that the Brazilian government start acting together with “hackers of the good”.
Who spoke first was José Sampaio Gustavo Gontijo Director of the Department of Science, Technology and Digital Innovation at MCTI. In his lecture, he started by talking about general difficulties, using an automotive metaphor:
“[Brazil] had a very large adoption and a very large access in the use of digital tools. And with the pandemic, that accelerated. Very good, people were able to work and be entertained and everything! But the speed with which you gave a Ferrari into people's hands was not the same speed as you taught people to drive a Ferrari.”
The biggest problem with “Ferrari”, a consensus among the speakers, is what Gontijo called the “interface between the chair and the keyboard”: the user. (Another speaker, Huawei's global cybersecurity director, Marcelo Motta, expressed his frustration in this way: “We can create the most perfect system and then the guy puts the password on the wall.”)
To solve the Ferrari problem, the consensus at the Forum is that education is the solution. But for cases where the attack is planned, the MCTI idea seems more unorthodox.
Government must train hackers
“In the area of defense, we have the Cyber Defense Command (Condeciber). It has a series of entities under it, acting and developing a national defense battalion focused on the cyber area. But it is for national defense, not in the area of civil readiness,” said Gontijo. “In the area of civil readiness, we have been working with the RNP [National Research Network] and talking to Nic [Ponto BR Information and Coordination Center] and CGI [Internet Management Committee] to create civil readiness and train people so that we have hackers for good all over Brazil”.
Good (or ethical) hackers is a way of referring to white hat hackers – those who know how to act like hackers, make intrusions and create malware, but use that knowledge to fight malicious hackers. Hence they are “good”. In theory.
“People prepared to act in a coordinated manner and support public and private entities when necessary. Today this is already happening in an unorganized way. (…) Minister Marcos Pontes always likes to say that we are a toolbox, and I put myself this way: we are a toolbox for [State] institutions, for operators, for research and teaching institutions , so that we can work together to train this civil battalion of ethical hackers that we need.”
The director mentions an initiative by the ministry, the MCTI Futuro, to provide digital education from elementary school to graduate school. “The first phase is focused on programming. There are 40 thousand programmers in 3 years. But we can and want to create a specific [program] for cybersecurity. We need this civil readiness because often the attack isn't a gigantic thing – it's a localized thing. A company in a state in the Northeast, a company in a state in the Midwest, which will not call Condeciber to act. But if you have localized hacker readiness, we've been able to trigger that group of ethical hackers from that region to support that company that is suffering some kind of attack.”
"Nothing is structured yet"
At the press conference that followed the talks, we asked how advanced this idea from government hackers is. Gontijo did not participate, but Paulo César Rezende de Carvalho Alvim, the MCTI's secretary for entrepreneurship and innovation, responded on behalf of the ministry.
“MCTI has a set of initiatives that it can articulate. And we usually work in a network. And when we talk about cyber defense – and the term we've been using is 'defense'; this is the model we use – we are talking about perhaps having a group of specialists”. begins. “Just to give you an example, when Covid appeared, in February , we created the Virus Network, bringing together 23 most renowned Brazilian researchers in the field of virology and they helped to build the strategy that the ministry followed in the area of combat to Covid."
“In the case of cybersecurity, we're thinking about it,” he continues. “But this has to be an active network – when you talk about cyber defense, every day you have something new. So this is a strategy that we are discussing. (…) This is something under construction. But it is one of our strategies to allow us to monitor all access. Not simply working on developing technological solutions, but also a community to monitor.”
“So”, he concludes, “this is a parallel strategy that we intend to carry out because we have instruments that allow this. But nothing is structured yet. We are in discussion. Gontijo advanced something that is being built here, and it needs to be built by several actors. And always respecting the General Data Protection Law [laughs in the background]. Because this is our marked point”.
The National Cybersecurity Forum took place yesterday (October 7th), at the headquarters of the National Telecommunications Institute (Inatel). It is a private university, created in 1965, and located in Santa Rita do Sapucaí (MG). Inatel develops new technologies and has a long-standing partnership with Huawei. In March of this year, the Inatel Cyber Security Center (CxSC Telecom) was created with the help of the Chinese company.
The meeting brought together public and private figures. In addition to MCTI, NIC.br and the National Data Protection Authority, a representative of Conexis, the Brazilian telecom business union, and two figures from Huawei also participated. Sun Baocheng, CEO of Huawei Brasil, was the second to speak and received an award.
The lectures can be seen in full here. The video was also broadcast on Huawei's channel:
Huawei famously was accused by the US government and other to spy for his native China, which led to various sanctions. Brazil, despite the current government's alignment with the US, did not join this wave.
The subject appeared discreetly on the Forum. He recalled more than once that Huawei has been present in Brazil for 23 years and that its technologies were tested without producing evidence of “espionage”. Speakers linked to the Brazilian government recalled that they were there as technicians, not to discuss geopolitics. And that, from that point of view, they had no objection to Huawei.
In addition to government hackers, the general feeling at the Forum is that the Chinese company has many important allies in Brazil. His future here, in contrast to Europe and the United States, looks promising. Inatel even presented its radar technologies, developed for the Brazilian Armed Forces.
We will return to this topic shortly.
- Lung ventilator developed in Minas Gerais will reach the market
- Huawei invests millions and opens 5G innovation center in São Paulo
- About 40% of Brazilian companies do not have a cybersecurity policy
You’ve already watched our videos on YouTube? Subscribe to our channel!