The digital attack suffered by the Ministry of Health is a harbinger of the “new normal” that could come into play in 2022. There are multiple layers and consequences that what happened allows to lift.
First, the attack, whatever its nature, had the effect of paralyzing essential ministry services, including but not limited to access to vaccine certificates. Even counting the number of cases and deaths for Covid-19 was affected.
The lack of transparency regarding what happened is noteworthy. Under the allegation of not hampering the investigations, the Ministry allowed an information war to flourish over what happened. The result was distrust, conflicting narratives and doubts regarding the technological management by the folder.
One thing is right. The attack materializes a trend that had been taking place and that is getting stronger. There is an ongoing strategy shift. Cyber attacks have become a political weapon, incorporated into the protocol of action of various groups, especially those who benefit from strategies of fear, uncertainty and doubt.
Once the use of disinformation campaigns through the internet has lost effect, due to the role of platforms and also of the Supreme Court, there is a migration to attacks on government structures as a way to generate social repercussion. This repercussion can then be instrumentalized to advance political ends and undermine trust in public institutions themselves.
This protocol of action was applied in the most recent electoral cycle, in 2020, when the TSE was attacked on the day of the election. Although the attack did not have any serious consequences and did not even come close to the voting system, there was political instrumentalization of what happened. For 2022, it is to be expected that actions like this will be repeated again.
One of the reasons for this is that the issue of cybersecurity in Brazil has been adrift for a long time. This makes the public sector’s technological infrastructure an easy target for attacks of all kinds. Be it simple attacks like denial of service, be it DNS manipulation or even ransomware attacks.
Since 2019, the institutional framework for protecting cybersecurity in the country has been redesigned, with the creation of the National Information Security Policy, which is positive. Interestingly, the Ministry of Health itself has a seat on the Management Committee for Information Security. However, all changes and the new institutional model failed. They did not prevent an attack on a critical technological resource in the country.
This makes it clear that the model needs to be improved. Cybersecurity policy is now practically entirely with the Executive Power. To be effective, it is necessary to build a multisectoral approach, in which there is effective participation of the country’s scientific community, the private sector, civil society, in addition to the judiciary and the legislature. It is too important an issue and, above all, related to national security to tolerate an institutional failure of this magnitude.
With all this, it is to be expected a 2022 in which this new mobilization strategy based on attacks on public infrastructure will be repeated again. The only positive aspect is that, knowing this, we are expected to be prepared, including institutionally.
It’s over Speak directly of the political opponent
Already Launching coordinated disinformation attacks against opponents
It’s coming Launch cyber attacks against opponents and institutions of interest
I have over 8 years of experience in the news industry. I have worked for various news websites and have also written for a few news agencies. I mostly cover healthcare news, but I am also interested in other topics such as politics, business, and entertainment. In my free time, I enjoy writing fiction and spending time with my family and friends.