Brazil debates creation of national strategy to tackle cybercrime

Discussions are being led by the Ministry of Justice and the banking sector.
Written by Angelica Mari, Contributing Writer

Amid growing concerns about increasing threats in the cybersecurity space, the Brazilian government and the banking sector are discussing the creation of a strategy to address crime in digital environments.

The president at the Brazilian Federation of Banks (FEBRABAN), Isaac Sidney, and the Minister of Justice and Public Security, Anderson Torres, have started negotiations for the creation of the National Cybercrime Strategy. The topic was discussed at a meeting at the association's headquarters in São Paulo on Friday (6).

According to FEBRABAN, the discussions around the new plan to tackle cybercrime will be informed by the experiences of the National Strategy Against Corruption and Money Laundering, which is led by the Ministry of Justice and has been in place since 2003.

Under the new strategy, the idea will be to "expand the identification and repression" of the actors responsible for cybercrimes, the association said. Another goal is to expand the technical knowledge of the Brazilian security forces and "promote permanent cooperation between public and private agents."

The vision outlined by the banking association also includes the joint development of platforms for sharing fraud data by digital means and supporting the training of security forces in cybersecurity and digital fraud issues, and using the association's cybersecurity laboratory. The plan would also include public awareness campaigns on cyber risks and fraud.

According to German consultancy Roland Berger, Brazil currently ranks fifth in a ranking of the world's main cybercrime targets. A survey carried out by the company shows that the country has exceeded the total number of ransomware attacks seen in 2020 in the first half of 2021, with 9.1 million occurrences.

In the private sector, the level of preparedness to deal with cybercrime has been impaired by lack of investment: security teams are in place in less than a third of Brazilian organizations, even though most businesses frequently suffer attacks, recent research has found. Another study, published in February, suggests that most Brazilian companies have not increased their investments in information and cyber security since the Covid-19 pandemic emerged despite an increase in threats.

Attacks targeted at Brazilian public sector organisations have also become increasingly common. Last November, a major cyberattack against the Brazilian Superior Electoral Court brought the Court's systems to a standstill for over two weeks. More recently, the Brazilian National Treasury was the target of a ransomware attack.

Brazil published its first National Information Security Policy in 2018. The National Security Strategies for Cyber Security and Critical Infrastructure Security were published in 2020. In July, the Brazilian government created a cyberattack response network aimed at promoting faster response to cyber threats and vulnerabilities through coordination between federal government bodies. The Federal Cyber Incident Management Network will encompass the Institutional Security Office of the presidency as well as all bodies and entities under the federal governing administration. Public companies, mixed capital companies and their subsidiaries may become members of the network voluntarily.

Editorial standards