Records place the attack in March. For a few moments the formality of the Foreign Ministry's website was replaced by a yellow logo, Arabic letters and an inscription condemning the "bloodbath in Cairo". It was one of the more than 20 computer attacks that Uruguayan public bodies have received in the last year and which are listed in Zone-h. Although it may seem unusual, this database of hacked pages is a showcase where hackers from all over the world display their conquests. The more attacks, damage and importance of the victim, the higher the prestige. According to computer experts, this kind of public medal, which shows only one type of technological crime, is "the tip of the iceberg" of what often happens on official websites: before the end of the day at least one government agency will receive a computer attack.
Crime is modernizing along with technological advances. And so are the profiteers. That's why attacks on websites that offer vital services for the government and the economy of a country are among the most precious: they handle information of public interest and large databases. This sensitivity means that many Uruguayan organizations invest between US$ 3,000 and more than US$ 25,000 a month in computer security, increasing the number of incidents they detect per day. That explains why at least one attack a day is discovered in government sectors, explains Leonardo Berro, regional director of Security Advisor, a company specializing in computer security that has several government institutions as clients.
In the first half of this year, Uruguay's National Computer Security Incident Response Center (CertUy) handled 11% more incidents than in the same period last year. If the trend continues, the year will end "with more than 1,000 incidents registered, three per day," said Santiago Paz, the center's director. CertUy's statistics include those services related to health, public order, emergency services, energy, telecommunications, transportation, drinking water supply, ecology and environment, agribusiness, public, banking and financial services or any other that affects more than 30% of the population, as established by a 2009 decree.
Only 3% of the recorded incidents are serious. The rest are minor modifications to a page, the theft of a password or the appearance of spam messages. One of the attacks that grew the most during the year, says Berro, is ransomware, a term used when access to a program or file is restricted and a ransom is demanded in exchange.
Attackers, such as "Dr. Afndena" who hacked the Foreign Ministry, are usually abroad and take advantage of the vulnerability offered by different websites around the world. They take advantage of the lack of updating pages or software, or the low investment in computer security.
In Israel, every technological project, public or private, must allocate at least 8% of the budget to security, explains Paz. In Uruguay, "it is unthinkable" that any agency would place such emphasis on this area, except for the Agency for the Development of e-Government, which has invested 15% of its budget for the online procedures platform in security.
According to Paz, "not all the investment in the world will prevent an attack," but "you will have better training and more attention. There are times when agencies report incidents that are not even an attack, but human error. "It's typical that someone leaves accounts open or doesn't renew the password," says Paz.
Other times mistakes are simply a blunder. That happened to the Presidential Communications Secretariat a week ago. On the occasion of the conference of the ousted president of Brazil, Dilma Rousseff, and the president of the Frente Amplio, Javier Miranda, the Secretariat posted on its official Twitter account: "We are live on frenteampliotv.com and on our Facebook fan page #DilmaEnUruguay".
How is it possible that a presidential account could be used to make a political-partisan allegation? It was then that the Secretariat commented that the account had been "hacked". But in response to the reproaches of users, it was clarified that it was "human error.
The new counter
"We are rehearsing the murga of the Intendencia, wait a moment, we'll be right with you". That classic behavior of the bureaucracy that Curtidores de Hongos sang about is destabilized by social networks. And the Municipality of Montevideo is, paradoxically, one of the few public agencies in the country that understood the new paradigm, says Juan Méndez, professor of the course on social networks for organizations at Udelar and author of the first manual on the use of social networks in the State, to be published in December.
More than 6% of Montevideo's inhabitants follow the municipality's Twitter account. And the efficiency index, a coefficient obtained by measuring the interaction with followers and the good use of the network, is 80 points on a scale from 1 to 100.
"The public administration is running behind in the use of social networks," says Méndez. In countries with lower internet penetration, they still have greater use of the networks. One example is Chile, whose presidential Twitter account covers 5.5% of the population, while Uruguay's Secretariat of Communication covers only 1.9%.
The less than 65,000 followers of the Secretariat of Communication's account are few compared to the 400,000 Uruguayan users on Twitter. This dependency of the Presidency does not even have a presence in other networks such as Facebook, where there are 2.5 million Uruguayan users.
Even so, the Secretariat of Communication is one of the most followed accounts, surpassed only by Uruguay Natural, Antel and the Municipality of Montevideo, which speaks of the low "penetration" of the other agencies. This lack of followers is just a sign of the "disregard there is in the State about these new means of communication" and a consequence of the fact that the main political actors "are still conservative," criticizes Méndez. This sometimes results in social networks being managed by "trusted" people instead of "trained professionals".
For the expert, the "mistake" made by the Presidential Communications Secretariat "could not happen" in the first world. And if it had happened, "a head would have rolled by now. According to Méndez, an organization of this hierarchy cannot allow the person in charge of the virtual community to manage more than one account on the same device and, even worse, once a mistake has been made, not admit it and apologize.
La falta de autocrítica generó un problema mayor, explica Clarisa Lucciarini, directora ejecutiva de la consultora Pimod. “Se conoce como el efecto Barbra Streisand”, en referencia a un episodio en que esta actriz quiso que se “bajara” de internet una foto y su “queja” llevó a que más gente la terminara viendo.
From other organizations, says Lucciarini, it is interpreted that it is "better not to be" in the networks, so you don't receive criticism or make mistakes. But according to the expert, that position only shows ignorance: "many users contribute more than they destroy.
In order not to make these mistakes, as well as to avoid a computer attack, it is necessary to "invest" in professionals and, Méndez adds, that the politicians "at the top" understand the new logic. (Production: Mariana Castiñeiras).
Interns behind the new communication channels
"We were fooled by the traditional media," read a sign carried by one of those disenchanted with Donald Trump's victory. Some political analysts explained that the "phenomenon" of the Republican candidate was linked, in part, to social networks. In Uruguay, these cyber spaces "are not yet vital" for electoral campaigns, acknowledges Juan Méndez, a teacher. The strongest proof is that Tabaré Vázquez and José Mujica, the two presidents since the emergence of the networks, "do not have a presence on them. The Ministry of Education and Culture has the most social media accounts, but among those 27 "there is no common strategy or the same communication criteria," says Méndez. Conversely, the Mides has 14 accounts, but "it does maintain a unified presence. Among the municipalities the reality is also uneven. While the capital's municipality reaches 6% of the citizens of the department, with a professional work, those of Artigas and Treinta y Tres have 20% of the population of their locality. Laura Corvalán, a social networking expert, explains that sometimes the person who does networking is someone from the communications team who, after putting together newsletters, posts. "Sometimes it's an intern or a person who has just joined.
Source: El País
Connect