Wikileaks: Apagão 2009 e a defesa da infraestrutura brasileira contra crackers
O mais recente documento da Embaixada Americana em Brasília vazado pela Wikileaks, o 09BRASILIA1383 de 01/12/2009, é um relatório sobre o Apagão de 2009.
Na época, as explicações desencontradas do Ministro das Minas e Energia e uma reportagem do 60 minutes afirmou que o Apagão no Espirito Santo de 2007 e Rio de Janeiro de 2005 teria sido causado por ataques de crackers. (Veja Apagão 2009 causado por Hackers?).
Minha preocupação com o assunto cresceu quando li nesta segunda-feira o 05BRASILIA1207 descreve uma almoço com o Ministro da Segurança Institucional, General Jorge Felix.
De acordo com o texto, quando o Embaixador Americano perguntou quais áreas o governo dos Estados Unidos poderiam ajudar, Felix teria dito que o governo brasileiro estaria ficando prá trás na proteção de sistemas de computação...
5.(S) Additional Assistance: The Ambassador asked General Felix if there were any areas where the USG could better assist the GSI and/or ABIN. Felix said that he was very happy with the assistance currently being provided by the USG. One area where he claimed that the Brazilian Government was falling behind was in protecting its own classified and unclassified computer systems. Felix said that he would welcome any assistance (courses, visitors, etc.) in this area.
No relatório sobre o Apagão 2009 distribuído hoje, os diplomatas americanos descrevem os eventos, as confusas explicações dadas pelo Ministério das Minas e Energia logo após o incidente e a conclusão oficial do governo brasileiro até aquele momento.
Logo em seguida o relatório informa os próximos passos da investigação e destaca que a possibilidade de sabotagem "tradicional" ou ataque de crackers ja estaria descartada.
O brasileiros reconheceram tentativas de invasão virtual em anos anteriores e que o sistema estaria seguro.
O governo brasileiro teria limitado o número de pessoas com acesso, separado os sistemas de controle do resto da operação e instalado filtros.
Além disso, o Operador Nacional do Sistema (ONS) usa uma rede fechada com cabos separados dos usados para a transmissão de energia.
Sabotagem "tradicional" foi descartada pq, de acordo com o texto, existiriam evidencias físicas, incluindo o defunto do criminoso.
¶8. (C) A government commission composed of ONS and the Brazilian electricity regulator ANEEL is investigating exactly what happened on November 10. The commission has 30 days from its formation on November 13 to complete a draft of its findings, including possible recommendations. The government will then submit the draft report to an independent group of non-governmental experts and academicians for review. The government will finalize the report after that review. In the absence of the final report, neither ONS nor MME offered a definitive explanation for what caused these outages. However, they both maintained that the short circuits are consistent with either a lightning strike (although ONS took pains to show satellite photos demonstrating that there were not storms in that area at that particular time) or a combination of low barometric pressure combined with high winds and high humidity. ONS also showed photos of transmission towers with visible discoloration, which they say further supports these two theories and rules out damage from trees, physical sabotage, or hackers. (Note: there was no way for Econoff to verify the location of the towers in the photos, the times of the discoloration, nor the cause. End Note.)
¶9. (C) Oliveira and Geraldes further ruled out the possibility of hackers because, following some acknowledged interferences in past years, GOB has closed the system to only a small group of authorized operators, separated the transmission control system from other systems, and installed filters. Coimbra confirmed that the ONS system is a CLAN network using its own wires carried above the electricity wires. Oliveira pointed out that even if someone had managed to gain access to the system, a voice command is required to disrupt transmission. Coimbra said that while sabotage could have caused the outages, this type of disruption would have been deadly, and investigators would have found physical evidence, including the body of the perpetrator. He also noted that any internal attempts by system employees to disrupt the system would have been easily BRASILIA 00001383 003 OF 005 traceable, a fact known to anyone with access to the system.
O embaixador americano destaca a grande abertura para o diálogo com o governo americano sobre o assunto.
¶19. (C) Brazilian officials were strikingly open to discussing the incident with Embassy personnel, non-defensive in response to questions, and forthcoming with their information and assessments.
... e destaca que há oportunidades de cooperação na área de segurança cibernética, mesmo que o Apagão 2009 aparentemente não tenha sido causado por crackers.
¶21. (C) This would be an excellent occasion to encourage the military to military Communication and Information Security Memorandum of Agreement (CISMOA), noting that although this incident does not appear to have been the result of an attack on the system, such an event is possible and signing this agreement would permit cooperation were one to occur. We could also consider a cybersecurity working group. Brazil might be open to pursuing cooperation on critical infrastructure protection, and MME has already told us they would be interested in learning more about our emergency broadcasting system. It is clear that physical security has not heretofore been a major focus for planners but officials acknowledge the possibility of an attack and are working on developing protections, another possible area for fruitful cooperation as a follow up from DHS visit in the later part of 2008.
Tô um pouco mais tranquilo... Aparentemente, algo foi feito entre 2005 e 2009 para proteger a nossa infraestrutura de energia elétrica.
De qq modo, IMHO, é um assunto que precisa ter mais destaque...
