By Leonardo Neri
The Federal Government is facing difficulties in the digital sphere. After a serious cybersecurity failure, the government is struggling to know how to respond to successful hacker attacks.
After accessing the ConecteSUS and Ministry of Health systems, 20 public agencies, including other ministries, were compromised. It should be noted that to date there is no indication of the actual invasion of the system, nor of what was collected, much less the type of attack carried out.
In addition to the affected agencies, the Federal Police (PF) also went through moments of turmoil. With a silence order, no one wanted to speak out openly.
Hackers are posting on the Deep Web to distribute valid logins to access government systems in order to ridicule the government. According to anonymous sources from the Federal Police and Serpro, this invasion was only possible after gaining access to the Claro/Embratel broker, which was hired by the government at the end of 2020 to provide this digital service.
But what is a broker? A broker is a platform used by companies to group information that is in the cloud.
It is not yet known whether the information was provided by an insider or whether access was obtained through a security breach. The only certainty, so far, is that possession of this sensitive data by malicious individuals allows other attacks to be successfully carried out.
Thus, the government is hostage and adrift from hackers, without the possibility of doing much with the structure it currently has. Another point is the lack of preparation of the Public Power in relation to the contingency plan, since today the Government's technology system is not state-of-the-art, which hinders investigative means, according to a report by an internal professional of the PF institution.
This is yet another case that demonstrates that the Public Authorities need to lead the movement to spread the culture of privacy in their systems as soon as possible, through educational projects and investments in cutting-edge technology, since in addition to handling the vast excess of personal data processed at a national level, it would also demonstrate to the entire private market that the issue of personal data protection is serious and that anyone who is not treating it responsibly will suffer the consequences.