The secret history of the most serious “hack” against the Colombian Military Forces.
In reality, they do not offer conclusive evidence; they show conversations that can be easily collected by any intelligence agency of a country in legitimate defense of its territory.
Several Venezuelan buildings in which meteorological stations operate also house powerful electronic warfare units, from which part of the largest theft of military information on record against Colombia was allegedly launched. From locations in the states of Anzoátegui, Táchira, Barinas and Bolívar, and from Fort Tiuna in Caracas, that country’s intelligence services attacked the servers of the General Command of the Military Forces in Bogotá for months, according to the report.
“That really represents a very, very great risk for us because they managed to extract extremely sensitive information from Colombia,” an intelligence officer from the General Command, who asked that his identity be withheld, told Noticias Caracol…
For Jean Marie Chenou, PhD in Political Science and cyber defense expert, “this would be a very important case globally. I do not see equivalents between neighboring and rival countries of this size, of this level of centrality of the information that was obtained”.
Warnings to Colombian intelligence
Venezuelan intelligence breached Colombia’s defenses and stole top-secret information, compromising national security. The Colombian military was not able to defend itself in time, even though international agencies had been warning Colombian intelligence that Venezuelan forces had equipped themselves for cyber warfare. This is what the General Command officer said:
For a long time we had warnings that both Venezuelans and Russians were scanning and activating our defense systems.
This is also stated in reports from foreign organizations held by Noticias Caracol, which describe multimillion-dollar investments made every month: “The CEOFANB’s joint cyberdefense direction managed technological projects to strengthen cyberdefense for a value of US 8,688 .358 to build a logistics base for the COLOP (Operational Logistics Command) and eight logistics bases in each REDI (Strategic Region of Integral Defense)”, says one of the reserved documents.
They had also warned that the same general command, which ended up being attacked, was one of the main targets of this deployment of Venezuelan cyber intelligence.
“They consider as objectives of high strategic value the general command of the Colombian military forces and the command and control center of the air force, from where air power and decentralized execution are exercised,” says another foreign document.
In addition, reports from foreign intelligence agencies alerted the Colombian government about the plans of the Venezuelan intelligence and armed forces: “Through the aerospace intelligence department, 14 new objectives of interest were established, which are located in seven departments and Bogotá and are prioritized to be attacked. The prioritization of these targets is supported by alleging the presence of the US military in Colombian bases, the location of combat aircraft and air force cargo transport and the detection of radars with the capacity to identify Venezuelan aircraft in the Caribbean Sea”.
What did they affect?
Those secret reports were constant throughout the past year and into the first months of 2021. But despite the seriousness of the warnings, little was done to prevent the attack.
The intelligence officer who asked that his identity be withheld explained: “What they affected were information systems. Among them, they affected the Ric, the computer network of the military forces. They affected storage systems where ultra-secret information on operations was kept, where information on operational results was kept, issues that should not be exposed to the Internet ended in this commitment. There are conversations of instructions from the high command giving orders, work missions, operational plans and defense of the country”.
It was the same foreign agencies that issued the ignored warnings that had to notify the Army, Navy and Air Force that their systems had been compromised. In a kind of counterattack they launched on Venezuelan intelligence, they discovered part of the information that the Bolivarian forces, advised and trained by Russian intelligence, extracted from Colombia.
The Noticias Caracol investigative unit accessed dozens of those documents, which were in the hands of Venezuelan intelligence and were shared with its allies. A very revealing one is written in Russian and titled “Activities of the United States Air Force and its Allies.” It contains the record of 26 military flights executed mostly within Colombia, but also to and from the United States, the Dominican Republic, Curaçao, Puerto Rico and Costa Rica. These are reviews of the movements carried out by planes and helicopters of the US and Colombian air forces.
Beyond the hacking of Colombian intelligence, this document also raises doubts about the legality of the overflight of foreign military planes through Colombian skies.
Foreign intelligence agencies also found other documents with secret military information on Colombia, such as one that the Bolivarian Intelligence Service (Sebin) had in its possession, which lists the coordinates of the air force aviation bases, as well as radars of the Colombian air defense system throughout the country. The list also included the precise location of battalions, oil fields and hydroelectric plants. All these places were labeled as “Organic elements essential for the functioning of the country.”
Despite the seriousness of the attack that occurred several months ago, the military forces have not yet been able to produce an exact and detailed inventory of the information that was stolen. The General Command officer said that “they have tried to manage this issue, that they basically cover everything, say nothing and let us realize that nothing has happened. No forensic investigations have been carried out on what happened, we have not even been able to determine how the attack was carried out, if it was a Trojan, if it was through information leakage, or because someone gave access credentials”.
I only see a human and political fault, the only explanation that I can think of for such a disaster for Colombian intelligence. Because as I said, Colombia is supposed to have a capacity in terms of cyber defense, cybersecurity, cyber intelligence, much greater than that of Venezuela, and above all it is cooperating with countries such as the United States, the United Kingdom and Israel, with the importation of technologies, capabilities. I imagine that what must have happened is an underestimation or a lack of recognition of the threat, suddenly because the evolution of Venezuela’s capacities was too rapid.
The hacking and theft occurred over the course of many months and included access to information from several years. The attackers also accessed internal and secret communications in which the commanders of the military forces and of different units throughout the country exchange information, give orders for operations and share intelligence information; part of this was stored in the telematics units of the military forces.
Noticias Caracol refrains from revealing the most sensitive documents and conversations as they are elements that compromise national security. In one of those conversations, paradoxically, General Eduardo Zapateiro, the Army’s top commander, warned about the risk of information leakage: “I am not going to allow secret Army documentation to be leaked because that is national security information and that I will not allow”, says the senior officer.
In another very sensitive audio recording that also fell into the hands of Venezuelan intelligence, an officer reports to the generals the results of Colombia’s intelligence missions over Venezuela, which they refer to by the code name cobalt. “In the second human information he also gives us by this main observation that in the Apure state they have carried out radioelectronic espionage in the departments of Arauca, Casanare and Vichada. In terms of technique, the most remarkable thing, my general, is that the cobalt operative part in six Sukhoi planes and the F16s to 5. Within this analysis it has also been seen, my general, that they are gathering, that they are concentrating the missile antiaircraft defense systems in the refineries, the power plants”.
What does the defense minister say?
Noticias Caracol spoke with Diego Molano, the Defense Minister, who acknowledged the cybernetic aggression: “That was an attack suffered by the Military Forces Command and particularly affected the Army. Corrective actions were identified and taken to be able to reestablish that service and to be able to take the measures that in the future would not allow the weaknesses that managed to materialize that attack”.
Although the officials in charge of the investigation confirm that the hacked information was very sensitive, Minister Molano says that, according to what he was informed, it does not represent a great loss for Colombian intelligence: “The information that the investigation initially gave on that attack was that it was not relevant information from a national security point of view. However, the investigative process continues”.
This massive attack has cyber intelligence agents concerned about the vulnerability of the most sensitive information systems in the country. “Colombia has spent a lot of money on cybersecurity and cyber defense issues, but there are no tangible results, not even at the academic level. Many force commanders, many ministers have been in charge of detailing the cyber issue and have left us exposed to a number of emerging threats from Venezuela, Russia, Iran, the same Brazil that have very strong cybercriminal teams that sell themselves to the best bidder,” said the general command officer.
Fabián Valero, expert and professor of the master’s degree in cybersecurity and cyberdefense at the Military University, says that Colombia has a lot to improve to avoid new incidents: “I am going to refer to the reports of the global cybersecurity index, where it is shown that Colombia is at a medium level of maturity, it is not that we are at zero. We are better than other countries, but there is still a long way to go. And that path that we lack may allow serious incidents to materialize on the country’s critical infrastructure. And obviously compromise systems, technologies, procedures that may affect national security.”
Many of the military cyber defense units that were called upon to prevent this from happening had to be dismantled in recent years because some of their members ended up using valuable resources to spy on politicians, journalists or human rights defenders instead of focusing on their true mission: defending national security from foreign threats.