Photo Markus Spiske in Unsplash

The Fire Sale is an all-out cyber warfare attack that performs a systematic three-stage attack on an entire nation's computing infrastructure. The hackers called it the Fire Sale because "Everything must go" analogy to auctioning off products in a store that survived a fire. 

The greatest vulnerability to a terrorist attack for Peru today is a Firesale-type cyberterrorist attack that would sow chaos, and generate incalculable costs in lives and money. There would be a Peru before and after such a devastating attack.

A Firesale is a cyber attack that can bring a country to its knees consisting of three stages of attack on a country's IT infrastructure:

  1. First: Make all transport systems inoperable, such as traffic lights, railways, subways and airport systems, 
  2. Second: Disable financial systems (stock exchanges, banks and financial houses),
  3. Third: Making public utility systems, such as electricity, gas, satellite, and telecommunications, inoperative. 

This type of threat is not a fantasy, it is real and Peru (and by the way, most developing countries) is extremely vulnerable to this type of attack and constitutes, in my view, the greatest threat facing Peru in the 21st century.

In the case of an attack on public organizations and private companies, where the greatest vulnerability exists is undoubtedly found in the government sector. 

In my experience, having worked as a public official and as a provider of IT solutions for the State, I can attest to the shortcomings in cybersecurity in most public institutions at the three levels of the executive branch and in the three branches of the State.

Undoubtedly, the level of preparedness varies from agency to agency. In the Peruvian public sector, some key institutions are highly developed at the IT level, however, this is not the rule, it is the exception, which makes most of the national public infrastructure highly vulnerable to this type of attack.

Let's not be naive. This type of attack is carefully planned and orchestrated well in advance.

The exponential advance of information technology and the strategic dependence of countries on it means that institutions cannot keep up with the pace by shielding their technological infrastructure against the increasingly high level of sophistication of hackers.

Let's be consistent with the times that the planet lives in the 21st century: All corners of the world are at war on this front, with millions of attacks on computers and mobile devices every minute.

*Digitally more advanced governments have now recognized the enormous gravity of the situation and are launching multiple initiatives to deal with the great threat posed by cyber-attacks. But the public sector cannot shoulder the full burden of responsibility and needs to work very closely with the private sector to raise awareness and harden the state's computer systems. For reference, globally, more than 500,000 million dollars are lost due to cybercrime.»


Ongoing police training to handle the widening variety of cybercrime then becomes a strategic priority, as does education on how to share the right information on social media without exposing our personal safety or security in doing so. of ours. Mixed work teams that combat cybercrime (public + private) should collaborate with other international organizations in order to join efforts and share knowledge.

There is a whole cybercrime market to which public security agencies do not have access where criminals can buy and sell access to compromised servers, computers, cell phones and digital accounts and malware to attack people and public and private institutions.

Statistics indicate that EVERY device in the country will have been attacked by some type of malware in the last three months.

Cyber attacks

Nowadays, with the wide adoption of smartphones, which are finally becoming more and more powerful computers, the number and variety of malware with which these devices are exploited has risen exponentially.

Mobile risks include ransomware, infected apps in official marketplaces, espionage, mobile web browser hacking, intellectual property theft, remote device hijacking, data theft, and mobile banking Trojans. Such is the threat to Smartphones that we now see in banking Trojans, that 25% percent of attacks are directed at desktop computers and 75% at mobile devices. 

The motivation for all this variety of attacks is not just money. They are looking for innovations, projects, business plans, patents, budgets, data and access channels to shareholders and partners. They want digital certificates and credentials, scientific research results, and physical access codes. The intent is to disrupt your business, damage your reputation, and find ways to control your company. 

How can this scourge be combated?

It is essential that public institutions implement a proactive culture of digital security, since acting on merely reactive initiatives could put their digital infrastructure at risk. In the information age, this is the greatest asset of any institution. Let's start because the State prohibits the use of pirated software and implements mandatory security regulations in all public institutions.

It is essential that the government implement a Cyber Response Committee (Cyber Response Committee) made up of representatives of the public, private and civil society sectors, that has a regulatory and budgetary shield and that supports the continuity and constant training of the team and acquisition of ad-hoc software and hardware.

In addition, it is strategic to have international agreements for cooperation and exchange of knowledge and information, particularly with the most developed countries and organizations in terms of cybersecurity.

Pablo Bermúdez

International Consultant in Digital Transformation, Knowmad, Entrepreneur, Mystagogue, Professor, Exhibitor, Writer and a thousand other things….

Manager at The Startup Factory
Twitter: @pablober