Est.2007

Barbados Underground

Bringing News and Opinions to the People

,

Caribbean Businesses, Organizations and Governments and People Could Be Losing Millions To Cyber Criminals & Hackers, And Don’t Know It

← Back

Your message to the BLOGMASTER was sent

CONTACT THE BLOGMASTER ONLY

Submitted by James Bynoe – CEO Cyber Security Centre
Cyber crime a threat to productivity
Cyber crime a threat to regional productivity in the Caribbean

The Caribbean Cyber Security Center (CCSC) continues to urge the Caribbean region to take the growing threat from cyber criminals and hackers seriously. CCSC estimates that on a frequent basis Caribbean businesses, organizations, governments and homes are targeted and scanned for information system weaknesses and vulnerabilities that can be exploited, yet very little has been done comprehensively to combat this growing national security, public safety and economic development threat. In the last 12 months we have seen reports from all across the region of network breaches, website defacements, ATM scams, denial of service attacks, and credit card fraud incidents. According to recent reports from leading global security organizations in 2013 the region saw significant increases in data breaches, banking trojans, mobile malware and other online threats.

While we are pleased to see justice served in the recent sentencing of the ATM scamsters in Barbados, ATM scams represents only one front of the multi-front cybercrime war we face as a region. Cyber criminals must not only be prevented from ATM scams (by the entire banking sector finally moving to more secure ATM technologies), they need to be prevented from breaking into business, government, and home computers all across the region. In recent months CCSC has responded to successful and unsuccessful attempts by cyber criminals and hackers to steal thousands in revenue from businesses and individuals, we believe that as a region we could be losing millions via unsecure and unprotected work and home computers which are compromised “right now” without the system owners or home user even knowing it.

Our belief is based on the extremely low level of regional cyber security awareness, non-adherence to cyber security best practices and standards, and the time it takes an average person, business, organization or government to realize they have been “hacked or compromised”, which can be as long as 2-3 years. Additionally new cybercrime and hacker techniques like the Advances Persistent Threat or APT have become more sophisticated with cybercriminal and hackers remaining undetected for longer periods of time while slowly stealing a wide range of information to sell on the cybercrime black market or to execute fraudulent financial transactions.

Unfortunately the region has been largely unresponsive to this threat due mainly to (1) a cultural norm to be slow at act while discussing topics to their outer limits. This slow to act cultural norm is playing right into the hands of cyber criminals and hackers who are using our low level of cyber awareness and preparedness to defraud us daily, (2) economic challenges being faced by many organizations, and (3) failure of public and private sector leaders to budget and investment in cyber defenses. Ironically each day our telecommunications industry as supported by many governments seek to expand internet access to all corners of the region which in essence is providing cyber-criminals and hackers with more and more potential cyber victims. Additionally, to complicate matters we have a few regional and international organizations with resources to assist in combating the cyber threat that can’t seem to get off the conference “talk circuit” and get down to the brass tacks in raising regional cyber security awareness in a tangible way.

So today we find ourselves in a place where; the public and private sectors are failing to take proactive measures to budget for and implement effective cyber protections to protect their data assets which are often the personal and financial information of their clients and customers; many home computer operating systems are outdated and have no effective antivirus, spyware or malware protection software installed; and many families do not know the do’s and don’ts of the internet and how to protect themselves from the millions of online cyber predators that exist today.

So what are the some key things that must be gone to start making our region cyber safe in a sustainable manner?

  • All Prime Ministers (PM) have to make combatting Cybercrime comprehensively a national priority as has been done by other governments worldwide, and create a cybercrime leadership post that reports directly to the PM’s office. Simply adding cyber security to a minister’s portfolio as is typically done will not be enough to combat this threat due to the current low level of cyber awareness that exist today, and the attention that it needs.
  • The throttle on implementing a wide range of cyber security\crime laws, legislations, and Acts needs to be increased. Current efforts to establish a comprehensive set of cyber laws and legislation are too slow and are not effectively keep up with the evolving cyber threat whatsoever. The bureaucratic processes we have established to implement new laws and legislation in the region has to be brought into sustainable alignment with the evolution of technology much better than is being done today. Additionally cybercrime reporting laws and legislation will pay a key role in giving us the much needed data on the real world impact of cybercrime on the region, which is a key part of the challenge we have in taking this threat seriously.
  • The private sectors namely ICT and telecommunications organizations need to play a more socially responsible role in helping the region educate the masses on the cyber threat as Columbus Communications\Flow has started to do regionally, as combatting cybercrime is a multi-stakeholder issue and not just a problem for government to solve. Additionally both the public and private sectors need to proactively start budgeting for cyber defenses in the operating of their information systems and view investments in cyber defenses as a cost saving customer protection measure, and not just the IT guys wanting new toys to play with. Just as we spend and budget for guards and security systems, budgeting for cyber defenses is more critical than ever.

It is clear that the Caribbean is becoming more and more dependent on technology and the internet in many aspects of our daily lives, just as the cyber threat gets more dangerous and damaging. We simply cannot afford to stay the current unaware, unsecure course as the cost of recovery from a cyber-incident has been proven to be significantly higher that being proactive and getting your network or home computer tested for system weaknesses and vulnerabilities that need to be remediated.

So as we promote the effective use of technology regionally, we must, must, must do so with a keen understanding of the cyber threat and invest in cyber protections from the management, operational and technical security controls perspectives. The reality is that cybercriminals and hackers are always communicating and looking to exploit system weaknesses and vulnerabilities in order to steal money, intellectual property, and identities and they “have targeted the Caribbean”. The last thing the Caribbean region needs in these challenging economic times is to be known as an unsafe region to do cyber/internet dependent business, or use credit cards in the case of the tourism industry. As one of the fastest growing Internet penetration regions in the world we in the Caribbean can no longer afford to ignore the cyber threat we face today or in the future, as that next cyber victim may be YOU.

Discover more from Barbados Underground

Subscribe to get the latest posts sent to your email.

7 responses to “Caribbean Businesses, Organizations and Governments and People Could Be Losing Millions To Cyber Criminals & Hackers, And Don’t Know It”

  1. PLANTATION DEEDS FROM 1926 TO 2014 , MASSIVE FRAUD ,LAND TAX BILLS AND NO DEEDS OF BARBADOS, BLPand DLP=Massive Fruad Avatar
    PLANTATION DEEDS FROM 1926 TO 2014 , MASSIVE FRAUD ,LAND TAX BILLS AND NO DEEDS OF BARBADOS, BLPand DLP=Massive Fruad

    Caribbean Businesses, Organizations and Governments and People Could Be Losing Millions To Cyber Criminals & Hackers, And Don’t Know It@

    All they have to do is come to Barbados and sit in front of a lawyer.No computer, needed face to face and nothing done about it , Get mad and get back on your plane or yacht .

  2. Snake Venom! Avatar
    Snake Venom!

    Not to take away anything from what you have written in your insightful column, but you may be aware by now that based on the responses to your submission we(Barbados) are a non-technology centric, little island of pailing cocks!
    There was a young man who brought his experience to the public domain on Thursday or Friday of last week and made mention of having some funds withdrawn from his account without his consent. If I recall correctly, his story was eve carried by a local paper under a caption that again mentioned he Bulgarian Incident.
    His incident occurred after your article was written and yet I do not think that either of these two incidents has raised any additional public awareness on the matter. So much so that the two Bulgarian nationals that were convicted of the offenses leading up to these incidents of Cyber-theft went off to prison very quietly a few weeks ago to serve there sentences or be let through the back door. Who knows with this island and its propensity for bribery and kickbacks!
    Barbadians are steeped in the traditions of stupidity and ignorance and hence wont find time to educate or enlighten themselves to matters like these until it hits them as directly as the Solid Waste Tax did.
    It is very clear to me what we as a culture like to squabble, debate and raise hell about Politics and Political players. None of whom by the way, seem to care on umph about Cyber-security either, or care enough to immediately put frameworks in place to start to address this looming threat. If you take a look at the sheer number of comments that the Arthur action has gotten you can clearly see that every one who believes that they can write or has an opinion we need to hear, has submitted a response to those two articles. Yet this article has gone almost un-noticed.
    Tell you what though, if you write something that effectively looms in a stratospheric region relative to the intellect of the masses, it wont be touched because it not only cant be seen, it cant even be detected.
    Next time, tie it to the Solid Waste Tax and paying that tax online via the infinenty insecure Government Portal and its “waiting-to-be-hacked” I-Pay service. Then, you may reach a few more minds and get a few more responses. Evidence that you can actually raise awareness for something that truly matters and had immediate value if you phrase and put it in the context the masses can intellectually digest.

  3. David Avatar
    David

    Bear in mind the members of parliament received laptops from the government of China with no concern raised about the threat to national security.

  4. Crusoe Avatar
    Crusoe

    David | July 27, 2014 at 7:37 AM |

    Surely that is a conflict of interest and they should have been brought to task??

  5. Crusoe Avatar
    Crusoe

    @ David,

    By the way, who got the contract to renovate Almond???? Just wondering.

  6. David Avatar
    David

    The Speaker of the House accepted the give and approved the distribution.

  7. Crusoe Avatar
    Crusoe

    @ David,

    Still think it is a clear conflict of interest.

The blogmaster invites you to join the discussion.

Trending

Discover more from Barbados Underground

Subscribe now to keep reading and get access to the full archive.

Continue reading