The public institutions of the Uruguayan State, and some relevant actors in the private sector, have never received as many cyber attacks as in 2016. In total, the Uruguayan Computer Security Incident Response Center (CERT) counted 21 cases - six of very high severity and 15 of high severity - in which an external agent penetrated a dependency considered as "critical infrastructure" for providing a massive and indispensable service.
Those twenty or so cases of extreme importance are part of a broader reality: 768 cases of computer security "incidents" detected by CERT in 2016, which implies 33% of the incidents attended by CERT in 2015. However, those numbers are just the cases that the Response Center was able to detect, but do not constitute the totality of cases, Santiago Paz, director of the Information Security area of Agesic (e-government agency), told El Observador. That's why the government is planning to create a National Operations Center in 2017 to improve cybersecurity operational capacity. Paz explained that this center will give the possibility of real-time analysis and monitoring 24 hours a day, seven days a week. "We will be able to see the problem, detect it and work on it in real time," said the specialist. This translates, in fact, into a preventive capacity that today depends solely on the good practices of users. "We will be able to block before a cyber attack occurs because we will detect subtleties. For example, if we see that every month at a certain time someone tries to attack the page of an institution, we will be able to act preventively," said Paz.
The risk
The level of exposure and threats are the two variables to measure when trying to calculate the risk level of any entity. As important as it is to monitor the possible areas that make a state vulnerable, it is not to invest energy in threats that do not exist, explained Paz.
Countries like the United States, Russia or China receive an infinite number of attacks and therefore require a high operational capacity. "In a few years, it will be much worse for them and we will be where they are," said Paz. CERT knows exactly the level of technology in all state agencies and the potential exposure that comes with it. However, there is a constant question about possible flanks discovered.
Most cyber attacks in Uruguay today are "randoms" - they are not defined by a defined strategy - except for one particular type: those that focus on the banking sector.
In a recent meeting with Israeli specialist Rami Efrati, Agesic managed to bring together all the banks' security chiefs at the same table, which surprised the expert. "We have to work collaboratively," said Paz, who added that one of the big challenges is to be able to form a cybersecurity ecosystem in Uruguay. "We must integrate our efforts with the ten or 20 cybersecurity companies operating in Uruguay," he said.
Prepared
This phenomenon that stalks the country is not exclusive to Uruguay, but is part of a global threat that is becoming more and more important. But far from finding it dormant, Uruguay has been preparing for these events for more than a decade.
Prior to the creation of Agesic in 2007, there were eight academic component groups. One of them was strictly dedicated to the study of cybersecurity issues. "Since the beginning of the consideration of an intense digital development strategy, the issue of cybersecurity was taken into account," Paz said. That made things easier because in this issue, as in so many others, it is more difficult to work backwards "patching" situations that were not well resolved.
With the creation of Agesic, an advisory council was formed that brought together representatives from different state agencies to discuss with an "open approach" where the emphasis should be placed. These first institutional steps not only prepared the country for the future but also positioned it at the forefront in Latin America on this issue. "At the time we were very innovative, there were not many countries in the region working on the issue," Paz said. That led states like Panama, El Salvador, Colombia and Ecuador to turn to the Uruguayan experience for their strategic development and to hire Uruguayan specialists to become operational.
Studies by the Inter-American Development Bank (IDB), the Organization of American States (OAS) and Oxford University in the United Kingdom, which sought to assess the "state of maturity" of cybersecurity in Latin America, put Brazil and Uruguay at the top of the region.
Despite this positive outlook, some challenges remain. The first is to create "greater awareness" among citizens. "We are very technological in Uruguay and there is massive access, but we have to create a culture of cybersecurity," Paz said. Agesic launched the "Conectate seguro" campaign in November of last year, which aims to raise awareness, and Paz said the second challenge is that all those who choose careers related to technology must take a course in cybersecurity.
Source: The Observer
Connect