Comparative Analysis of Regulations for Cybersecurity and Cyber Defence in the United States and Brazil

Autores

  • Vitelio Brustolin Research Scientist at Harvard Law School, Postdoctoral Researcher in the Harvard Department of the History of Science, Adjunct Professor at Columbia University in the School of International and Public Affairs, and University Professor at Institute of Strategic Studies and International Relations (INEST) of the Fluminense Federal University (UFF).

DOI:

https://doi.org/10.26792/rbed.v6n2.2019.75149

Palavras-chave:

cybersecurity, cyber defence, cyber-attacks, Cybersecurity Act of 2012, Internet regulation, cyber safety in the United States, cyber safety in Brazil.

Resumo

In this article we compare the main regulations employed by the United States and Brazil for their respective cybersecurity and cyber defence. From this comparison we produced four main conclusions. First, the absence of an effective public policy for cybersecurity and cyber defence in the United States left the country vulnerable to Russian cyber-attacks that influenced the course of the 2016 Presidential Election. Second, the Cybersecurity Act of 2012, which was supported by Barack Obama, who was President at the time, would have increased US protection against cyber-attacks. However, the bill did not become law because it was defeated in the US Senate. Third, if Brazil had enacted legislation similar to the Cybersecurity Act of 2012, the country would have prevented most of the fake news and cyber-attacks that occurred in its own 2018 Presidential Election. Fourth, the main initiatives of the Cybersecurity Act of 2012 can still be implemented by both the United States and Brazil. To reach these conclusions, we compared intended purpose of the Cybersecurity Act of 2012, with facts that highlight the consequent failures in cybersecurity and cyber defence in the United States and Brazil.

Downloads

Não há dados estatísticos.

Biografia do Autor

Vitelio Brustolin, Research Scientist at Harvard Law School, Postdoctoral Researcher in the Harvard Department of the History of Science, Adjunct Professor at Columbia University in the School of International and Public Affairs, and University Professor at Institute of Strategic Studies and International Relations (INEST) of the Fluminense Federal University (UFF).

Vitelio Brustolin is a Research Scientist at Harvard Law School, a Postdoctoral Researcher in the Harvard Department of the History of Science, an Adjunct Professor at Columbia University in the School of International and Public Affairs, and a University Professor at Institute of Strategic Studies and International Relations (INEST) of the Fluminense Federal University (UFF). Brustolin teaches International Law, Strategic Studies, and Global Governance. He received his PhD and his Master’s Degree in Public Policy, Strategy, and Development. He received his Bachelor’s Degree in Legal Sciences – Law (JD) and Social Sciences (BA). Brustolin is, also, a Consultant for the Presidency of Brazil at Institute of Applied Economic Research (IPEA).

Referências

Abbate, Janet. 1999. Inventing the Internet. Cambridge: MIT Press.

Al-Mohannadi, Hamad et al. 2016. ‘Cyber-Attack Modeling Analysis Techniques: An Overview’. Paper delivered at 4th International Conference on Future Internet of Things and Cloud Workshops. Vienna, Austria 22-24 Aug. At https://ieeexplore.ieee.org/abstract/document/7592703 [Accessed on 10 October 2019].

Amorim, Silvia. 2019. ‘Lei brasileira ainda é insuficiente para punir hackers’. O Globo, 7 July.

AO Kaspersky Lab. 2017. APT Trends report, Q1 2017. An Expert Take on Targeted Attack Operations. Russian Federation, Moscow. At https://securelist.com/analysis/quarterly-malware-reports/78169/apt-trends-report-q1-2017 [Accessed on 12 October 2019].

Benevides, Bruno. 2019. ‘Brasil entra na mira de hackers e vira alvo de ciberataques do exterior’. Folha de S. Paulo, 6 July.

Brazil. 2005. Decree 5.484, of 30 June 2005. Brasília, Presidency of the Federative Republic of Brazil.

______. 2008. Decree 6.703, of 18 December 2008. Brasília, Presidency of the Federative Republic of Brazil.

______. 2012. Law 12.737, of 30 November 2012. Brasília, Presidency of the Federative Republic of Brazil.

______. 2012 [2005, 2016]. National Defence Policy. Brasília, Presidency of the Federative Republic of Brazil.

______. 2012 [2008, 2016]. National Defence Strategy. Brasília, Presidency of the Federative Republic of Brazil.

______. 2014. Law 12.965, of 23 April 2014. Brasília, Presidency of the Federative Republic of Brazil.

______. 2015. Decree 8.491, of 13 July 2015. Brasília, Presidency of the Federative Republic of Brazil.

______. 2018. Law 13.709, of 14 August 2018. Brasília, Presidency of the Federative Republic of Brazil.

______. 2019. Law 13.853, of 8 July 2019. Brasília, Presidency of the Federative Republic of Brazil.

Bridge, Mark. 2018. ‘Loss of internet forces Assange to step down from Wikileaks editor role’. The Times, 27 September.

Brustolin, Vitelio. 2014. Innovation and Development through National Defence in the USA and Brazil. PhD Thesis, Universidade Federal do Rio de Janeiro & Harvard University.

Burrough, Bryan; Ellison, Sarah; and Andrews, Suzanna. 2014. ‘The Snowden Saga: A Shadowland of Secrets and Light’. Vanity Fair, 23 April.

Canabarro, Diego. 2014. ‘A contribuição do Brasil para o Marco Civil da Internet na Itália’. Observatório da Internet no Brasil [online]. 23 October. At https://observatoriodainternet.br/post/a-contribuicao-do-brasil-para-o-marco-civil-da-internet-na-italia [Accessed on 18 October 2019].

Department of Defence of the United States of America. 2011. Department of Defence Strategy for Operating in Cyberspace. Washington DC, USA: DoD.

______. 2013. 78 FR 23601. Federal Register Volume 78, Issue 76, April 19. Washington DC, USA: Government Publishing Office.

______. 2015. The Department of Defence Cyberstrategy. Washington DC, USA: DoD.

______. 2018. Department of Defence Strategy for Operating in Cyberspace. Washington DC, USA: DoD.

Department of Homeland Security of the United States of America. 2018a. What Does CISA Do? Washington DC, USA: DHS. At www.dhs.gov/CISA [Accessed on 15 October 2019].

______. 2018b. Cybersecurity. Washington DC, USA: DHS. At www.dhs.gov/topic/cybersecurity [Accessed on 16 October 2019].

Federal Senate of Brazil. 2018. Legislative Decree 179, of 14 December 2018. Brasília: Brazil.

______. 2019. ‘Congresso cria CPI Mista para investigar fake News’. Senado Notícias, 3 July. At www12.senado.leg.br/noticias/audios/2019/07/congresso-cria-cpi-mista-para-investigar-fake-news [Accessed on 18 October 2019].

Fitzpatrick, Alex. 2012. ‘Cybersecurity Bill Stalls in the Senate’. Mashable, 2 August.

______. 2012. ‘Obama Gives Thumbs-Up to New Cybersecurity Bill’. Mashable, 20 July.

Galinec, Darko; Možnik, Darko; and Guberina, Boris. 2017. Cybersecurity and cyber defence: national level strategic approach. Automatika, 58:3, 273-286, DOI: 10.1080/00051144.2017.1407022.

Gellman, Barton and Soltani, Ashkan. 2013. ‘NSA infiltrates links to Yahoo, Google data centres worldwide, Snowden documents say’. The Washington Post, 1 November.

Greenwald, Glenn and MacAskill, Ewen. 2013. ‘Boundless Informant: the NSA’s secret tool to track global surveillance data’. The Guardian, 8 June.

Greenwald, Glenn and Pougy, Victor. 2019. ‘As mensagens secretas da Lava Jato’. The Intercept, 9 June.

Institutional Security Office of the Presidency of Brazil. 2010. Green Paper: Cybersecurity in Brazil. Brasília: Presidency of the Republic of Brazil.

International Telecommunication Union. 2016. Measuring the Information Society Report 2016. Geneva Switzerland: United Nations.

______. 2018. Measuring the Information Society Report 2018: Volume 2. Geneva, Switzerland: United Nations.

Kiyuna, A. and Conyers, L. 2015. Cyberwarfare Sourcebook. Morrisville, USA: Lulu.

Meyer, Josh; Moe, Alex; and Connor, Tracy. 2016. ‘Hack of Democratic Congressional Campaign Committee ‘Similar’ to DNC Breach’. NBC News, 29 July.

Ministry of Defence of Brazil. 2010. Bulletin of the Army: Number 31/2010. Brasília, Brazil: Command of the Army, 6 August.

______. 2010. Ordinance 3.389, of 21 December 2012. Brasília, Brazil: MD.

______. 2012. Bulletin of the Army: Number 52/2012. Brasília, Brazil: Command of the Army, 28 December.

______. 2012 [2016]. White Paper on National Defence. Brasília, Brazil: MD.

______. 2014. Military Doctrine of Cyber Defence. Brasília, Brazil: Command of the Army.

Mueller, Robert. 2019. Report on the Investigation into Russian Interference in the 2016 Presidential Election. Washington DC: US Department of Justice. At https://www.justice.gov/storage/report.pdf [Accessed on 17 October 2019].

North American Energy Standards Board. 2017. The Cybersecurity Act of 2012. Houston, USA: naesb.org.

O’Keefe, Ed and Nakashima, Ellen. 2012. ‘Cybersecurity bill fails in Senate’. Washington Post, 2 August.

Office of the Director of National Intelligence (USA). 2017. Background to “Assessing Russian Activities and Intentions in Recent US Elections”: The Analytic Process and Cyber Incident Attribution. Washington DC, USA: DNI. At https://www.dni.gov/files/documents/ICA_2017_01.pdf [Accessed on 16 October 2019].

Office of the Press Secretary, The White House (USA). 2013. Executive Order: Improving Critical Infrastructure Cybersecurity. Washington DC, USA: White House, 12 February. At https://obamawhitehouse.archives.gov/the-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity [Accessed on 18 October 2019].

______. 2015. President Obama Announces New Cybersecurity Legislative Proposal and Other Cybersecurity Efforts. Washington DC, USA: White House, 13 January. At https://obamawhitehouse.archives.gov/the-press-office/2015/01/13/securing-cyberspace-president-obama-announces-new-cybersecurity-legislat [Accessed on 18 October 2019].

______. 2016. Cybersecurity National Action Plan. Washington DC, USA: White House, 9 February. At https://obamawhitehouse.archives.gov/the-press-office/2016/02/09/fact-sheet-cybersecurity-national-action-plan [Accessed on 18 October 2019].

Orwell, George. 1949. 1984. Boston/New York, USA: Houghton Mifflin Harcourt.

Presse, France. 2017. ‘Ataque de hackers sem precedentes provoca alerta no mundo’. O Globo, 13 May.

Quesada, Juan and Cano, Rosa. 2017. ‘O ciberataque: apertar um botão e desligar o mundo’. El País, 21 May.

Ruthfield, Scott. 1995. The Internet’s History and Development from Wartime Tool to the Fish-Cam. Crossroads Magazine. Volume 2 Issue 1, Sep.

Schooner, Steven and Berteau, David. 2014. ‘Emerging Policy and Practice Issues’. Washington DC, USA: GW Law Faculty Publications. At https://scholarship.law.gwu.edu/faculty_publications/1056 [Accessed on 14 October 2019].

Senate of the United States of America. 2012. S.2105 – Cybersecurity Act of 2012. Washington DC, USA: Congress.gov. At www.congress.gov/bill/112th-congress/senate-bill/2105/text [Accessed on 18 October 2019].

Subrahmanian, V. et al. 2015. The Global Cyber-Vulnerability Report. Springer International Publishing.

Superior Electoral Court of Brazil. 2019. ‘Portal do TSE restringe serviços para prevenir ataques cibernéticos’. TSE Communication Advisory, 27 October. At www.tse.jus.br/imprensa/noticias-tse/2018/Outubro/portal-do-tse-restringe-servicos-para-prevenir-ataques-ciberneticos [Accessed on 17 October 2019].

The National Security Agency. 2019. Active Cyber Defence. Washington DC, USA: NSA. At https://apps.nsa.gov/iaarchive/programs/iad-initiatives/active-cyber-defence.cfm [Accessed on 17 October 2019].

______. 2019. What is NSA’s role in U.S. cybersecurity? Washington DC, USA: NSA. At www.nsa.gov/What-We-Do/Cybersecurity [Accessed on 16 October 2019].

The United States of America. 1996. Public Law 104-191. Washington DC, USA: Government Publishing Office.

______. 1999. Public Law 106-102. Washington DC, USA: Government Publishing Office.

______. 2002. Public Law 107-296. Washington DC, USA: Government Publishing Office.

______. 2018a. Cybersecurity and Infrastructure Security Agency Act of 2018. Congress Bills. Washington DC, USA: Govtrack. At www.govtrack.us/congress/bills/115/hr3359 [Accessed on 15 October 2019].

______. 2018b. National Cyber Strategy of the United States of America. Washington DC, USA: Government Publishing Office.

The White House, United States of America. 2018. Cybersecurity Funding. Washington DC, USA: White House.

______. 2018. Cybersecurity Funding. Washington DC, USA: White House.

______. 2019. Cybersecurity Funding. Washington DC, USA: White House.

Tynan, Dan. 2018. ‘Facebook says 14m accounts had personal data stolen in recent breach’. The Guardian, 12 October.

Walls, Andrew; Perkins, Earl and Weiss, Juergen. 2013. Definition: Cybersecurity. Stamford, USA: Gartner Inc.

Downloads

Publicado

2020-06-19

Como Citar

Brustolin, V. (2020). Comparative Analysis of Regulations for Cybersecurity and Cyber Defence in the United States and Brazil. Revista Brasileira De Estudos De Defesa, 6(2). https://doi.org/10.26792/rbed.v6n2.2019.75149

Edição

Seção

Artigos