Brazil has connected to the network – but with its costs. Law-abiding citizens have indulged in Internet usage with limited knowledge of its manipulations. With 54.2 percent of Brazilians online, the first challenge is to create a risk-aware culture where citizens understand the dark arts of the virtual domain. Furthermore, digital empowerment has fallen into the wrong hands; high concentrations of broadband network infrastructure have interconnected illegal opportunists. Trend Micro reports that Brazil houses the third largest computer market and the fourth largest cell phone market worldwide. The digital demand is high, and the trends of supply will progressively increase. Meanwhile, online criminals have exploited this high dependency on computer and network technology.
The second challenge is to construct an adaptive defense framework against cyber threats. If you surveyed Internet usage in Brazil, you would see a fair distribution amongst age groups. Observe: Ages under 15 (17%); 15-24 (22.4%); 25-34 (23.3%); 35-44 (20.9%). This means that uninformed youth and a technologically-dependent workforce of millennials and beyond provide a diversified stream of victims for online criminals. As Internet usage skyrockets, so does user dependency. Freedom and convenience have become synonymous with online activity, but high competency in cyber threats is atypical. The Internet was not made for security; it was made to connect. That is, the Internet is not as dependable as Brazilians have considered it.
These factors considered, criminals seem to have a lot to work with. Not only can attacks be largely automated from afar, but unsuspecting victims do much of the work for them. For one, many citizens ignore system updates on their computers and mobile devices, and/or recycle personal protection configurations (e.g. logins and passwords). Vulnerabilities also arise from accessing websites with illegitimate security certificates. The Android operating system, while highly popular in Brazilian markets, is fundamentally insecure. The software works on an open-source architecture, which means that anyone can look at its source code and create system and user applications to spread malware (“malicious software”).
Brazil must tackle this growing threat to citizen security. The primary goal is user education. With this development, Brazilians can understand the risks of full disclosure online. If public policy does not prioritize institutionalized education of computer basics, users already have alternatives today. Brazilians would be wise to engage in free/low-cost online courses, such as Coursera or Veduca. In contrast to many security challenges, cyber threats can avoided with self-education. Brazilians can learn about the dangers of the Internet, the motives of attackers, and proper course of action upon infection.
Microsoft reports more “Worms” and “Trojans” encountered in Brazil than other malware comparatively worldwide. “Worms” lay and replicate malicious payloads on users’ computers, whereas “Trojans” open back-doors to hackers under the pretext of harmless software – equally waning user productivity. “Phishing” is another serious threat. These scams reel in victims through seemingly trustworthy emails, with toxic attachments (e.g. a JPEG image or PDF file) or infected URL hyperlinks. “Spear Phishing” – or, infected emails targeting key individuals — has grown in popularity as well. In Brazil, hackers can target select politicians for their inaction towards military police brutality or deplorable prison conditions. Keep in mind: the Internet has interconnected not just citizens, but criminals and the security framework they work in.
Adaptive legislation is critical; Brazil has over a thousand cyber bills under review. However, uninformed politicians attempt to create laws for a phenomenon largely misunderstood. Resultingly, punitory precedents are poorly conceptualized and/or not enacted. Promoting an effective cyber judicial model means a realignment of priorities. The Brazilian Congress must recognize that crimes in the offline/physical world and the cyber world are now mutually reinforcing. The Internet expedites delinquency: online criminals have higher illicit returns, facilitated communications, and a lower probability of detection. Cyberspace must be tackled with pragmatic legislation that tailors standard law enforcement to crimes that occur online.
Next, legislation promoting public and private sector information sharing can develop strategic synergies. A risk-aware citizenry would promote public policy for IT education while politicians would educate themselves in cyber threats to (in principle) to conceptualize the new norms for cyber behavior. After all, the state, in collaboration with informed private enterprises and civil society, can work at the same speed and frequency at which criminals exercise their immoral practices — the Internet is open to all. A whole-of-Brazil crackdown on cybercrime is a powerful deterrent.
Brazil has one of the highest numbers of Facebook and Twitter users worldwide – 103 million and 33.3 million accounts respectively. This means that citizens can spread information faster than most other Latin American nations, potentially placing Brazil at the podium of a much-needed discourse on cyber defense. The nation’s digital bill of rights, Marco Civil da Internet, has championed Brazilians’ desire for freedom of speech and privacy online. Such legislation, though, did lose some clout when the country shut down the mobile messaging app, Whatsapp, for 48 hours in late 2015, an event that suggests the digital law does not yet fully respect citizens’ communication rights. Brazilians must continue to fight for liberty on the Internet, and prevent telecom companies from passing censorship laws in Congress. Now is not the time for silence: There is simply too much to say.
2016 has brought Brazil the perfect trial: the Olympic Games. As the event approaches, certain expectations arise such as security. The good news is that Rio de Janeiro holds an instructive precedent for large-scale sporting events: the 2014 World Cup. And the Olympics are an inherently inclusive tradition. An upfront approach of vulnerabilities exploited by hackers could produce a collaboration environment of risk mitigation. Brazil can reach out to other nations for assistance; it is not alone in cyber defense efforts. But the key for persistent change is succession. Brazilian cybersecurity must endure after the Olympic ceremonies. Audiences worldwide expect Brazil to put on a show. If the nation can protect its citizens and visitors from cyber threats, it can become a cyber strategist of a higher order.
German Linares is a second year M.A. candidate at the Center for Latin American Studies at Georgetown University. With Latin America as a regional focus, his interests lie in the following extant security issues: illicit trade, organized crime, criminal justice, and human rights.
Image source: WikiCommons