12th Air Force Expands Cybersecurity With Partners in the Americas
Already vulnerable, countries in South America, the Caribbean and Central America face increasing vulnerabilities by artificial intelligence-enabled and other emerging technology-based cyber attacks, said Col. James Hamilton, USAF, the A6 for the 12th Air Force (AFSOUTH), speaking on a panel with cyber leaders from Brazil, Ecuador, Jamaica, Paraguay and Peru, during the AFCEA Alamo ACE conference on November 15, 2023, in San Antonio.
AFSOUTH operates in the U.S. Southern Command area of responsibility and, along with the other service components, is working to combat the predominance of malicious cyber threats in the region. Part of that effort is uniting with partner countries, their militaries and other organizations.
“We have been seeking overall to strengthen U.S. relationships between the Caribbean, Central and South America and our goal is to counter cyber threats within the region and build sound and stable relationships going forward,” said Col. Hamilton, who brought leaders from each of those five countries to San Antonio to meet with military cyber officials and present at the conference.
The cyber threat frontier, which has only increased over time, has especially shifted in the last 18 months, the colonel noted, given the rapid advancement of artificial intelligence (AI), quantum and other emerging technologies that can or will be leveraged by nefarious cyber actors, including the reported state-sponsored activities by the People’s Republic of China.
“It's been our mission to build partner cyber defense capability and operational interoperability in pursuit of a secure and prosperous Western Hemisphere,” Col. Hamilton said. “The threats are numerous, and they are real.”
No country is safe from the attacks. It means we must cooperate to protect our interests from vulnerabilities and exploits. And notably, the countries with the greatest attack surface have higher percentage of data on the black market. Therefore, partner data may be on black market right now.
For example, a wide-ranging ransomware attack during COVID-19 in November 2020 targeted Brazil’s Superior Tribunal of Justice, shutting down video conference judgment sessions and reaching encrypted case files and backup systems. “They were shut down for 26 hours and it took 17 days and over 100 information technology professionals from multiple technology giants to achieve system recovery at an estimated $4.5 million in costs,” the colonel explained. “And that's just in Brazil.”
In September 2023, 17 countries across the Americas fell victim to ransomware attacks, which targeted web hosting services by VIA FX, the top service provider in Latin America, affecting some 760 companies and various hospitals in the region. Another insidious attack in Latin America, identified by Korean intelligence officials that month, involved maliciously planted code on hardware of Chinese-made equipment. The U.S. military is seeing supply chain vulnerabilities in software, firmware and hardware of equipment from Chinese companies. Alibaba, Huawei, Tencent, Baidu, Zuni and ZTE have all reported executing supply chain tampering across the Latin American theater. This week, AFSOUTH prepared translated warnings and education about the supply chain risks for noncyber professionals in the theater, through the embassies, the colonel said.
“No country is safe from the attacks,” Col. Hamilton stated. “It means we must cooperate to protect our interests from vulnerabilities and exploits. And notably, the countries with the greatest attack surface have higher percentage of data on the black market. Therefore, partner data may be on black market right now.”
With the advent of supercomputing, artificial intelligence and other advanced technologies, the vulnerabilities in the Americas will only increase, Col. Hamilton warned. “Emergent technologies are challenging our traditional cyber defenses,” he said. “As we all know, there's a nexus coming regarding AI, quantum computing and existing threats. If we do nothing, literally all data will be open source, and no encryption technologies will be suitable to prevent nation-state [actors] here in a few short years.”
U.S. leaders have laid out a timeline to partners about risks to encryption and its future use. The United States is also helping the countries address physical security, through the protection of their critical infrastructure. “As we have continued the dialogue with our partners, we are having critical infrastructure protections conversations more and more,” the colonel said.
Over the last year, U.S. leaders have identified common threads among the countries in the region, finding a demand for increased proficiency from organizational structure and workforce development to infrastructure and capability and advancements.
“Each of these focus areas must be addressed simultaneously, or we risk losing or leaving gaps in cyber resiliency,” Col. Hamilton emphasized. “We don't have time to regain or reinvent the wheel. Instead, we need to actually build a network of today.”
For industry, the colonel said, “this is a call to action.”
“The partnership is real and the demand signal is now and overall, we're seeking a better and more secure ladder and improvement.”