This fortnightly report by Control Risks highlights key incidents during the reporting period. We examine how these incidents play into the election interference trends we’re observing and their impact on Brazilian organisations and individuals.
Election interference and disinformation incidents
- Brazil, 11 January 2025 the Brazilian government issued a 72-hour extrajudicial notice to Meta, requesting the company to explain its changes to its fact-checking policies, which will replace professional fact-checkers with a community notes system.
Implications: the ultimatum follows the Brazilian Attorney General’s office’s meeting with President Luiz Inácio Lula da Silva. The Brazilian government is seeking clarity on Meta’s new policies and how it will protect vulnerable demographics, such as children or adolescents, and prevent hate speech on social media in Brazil. Brazil is also seeking clarification on how these policies will prevent gender-based violence, racism and homophobia.
- Brazil, global, 10 January 2025 newly identified ransomware group, FunkSec, has published over 85 victims in December, surpassing all other groups. FunkSec has been targeting organisations primarily in Brazil, the US, India, Italy, Israel, Spain and Mongolia in ransomware attacks demanding low ransoms.
Implications: the cyber threat actors responsible, who also claim to have ties to cyber activism campaigns, sell the stolen data at reduced prices. However, some of the data offered for sale is reportedly taken from previous activist campaigns that made the data publicly available. The ransomware was also likely created with the support of artificial intelligence (AI) tools.
- Brazil, China, 30 December 2024 the Brazilian government did not sign an official document to formally join China’s Belt and Road Initiative (BRI), instead opting to elevate Brazil’s ties with China by cooperating on infrastructure projects and investment projects.
Implications: although the two countries have not signed a formal agreement, Brazil and China y will continue to foster a close political relationship. This may lead to disinformation or misinformation spreading on social media platforms as users discuss this decision and any that follow.
- Brazil, global 9 December 2024 the Federal Security Service of the Russian Federation claimed it had detained members of an international cybercriminal group that had defrauded over 100,000 targets, primarily those in Brazil, the UK, the European Union, Canada, India and Japan.
Implications: cybercriminal groups are highly likely to continue to target organisations in financially motivated operations, particularly targeting countries with widespread internet use and a perceived lack of cybersecurity literacy and best practices.
Social engineering awareness
- A Distributed denial-of-service (DDoS) campaign targeted popular platforms across 15 countries, including Brazil, ahead of Christmas.
Disinformation education
- Users on X will continue to share disinformation posts regarding Brazil-China relations, as well as new developments on social media platforms.
Social media monitoring
- Social media users on X continue to discuss disinformation in Brazil, with many posting concerns about Meta’s new policies and how the company will protect users’ free speech and protect against hate speech.
- X users have also continued to discuss disinformation on X, one user alleging that the disinformation shown on users’ timelines have influenced public opinions during key political moments.
Electoral protection in Brazil: cybersecurity training and support
Register to receive these twice-monthly reports