Governments and Organizations need to take action to secure their websites and computer networks
Bridgetown Barbados, March 28, 2013:
The Caribbean Cyber Security Centre understands that if regional businesses, governments and organizations do not take action “NOW” to effectively assess the security of their websites and computer networks, serious harm will be done to our key regional offshore finance, banking, tourism and public sectors.
The time has come for ICT leaders of all types to pick up the phone and get an immediate independent internet penetration test of their internet facing systems at a minimum. The opportunity Caribbean nations have had to get our cyber security houses in order in both the public and private sectors is quickly coming to an end.
The reasons for Caribbean cyber security concerns which are evident in the spike of recent hackings, bank breaches and denial of service attacks across the regional include:
In essence, the court held that libel did not occur simply by a website producing a hyperlink to a site that might in itself be defamatory. However, if the website posting the hyperlink commented in a defamatory manner, then that is a different ballgame.
A very straightforward and common sense approach. But, as the BU family well knows, it is not as simple as that.
It is settled that if X (a USA citizen and resident) publishes a libellous comment about Y (a Bajan citizen and resident) in X’s USA website, then Y can bring an action for defamation in Barbados before the Barbados courts where the damage to Y’s reputation has been done.
Submitted by James Bynoe, BCF Senior Vice President for Cyber Security
As a Barbadian and Cyber Security executive the protection of the Caribbean’s Public and Private Information and Communication Infrastructures is one of the most serious economic and security challenges facing Barbados and our region.
Our ability to effectively ensure the Confidentiality, Availability and Integrity (CIA) of regional informational technology assets has significant economic and security implications for both the public and private sectors.
More than ever before a comprehensive regional Caribbean centric approach to Cyber Security is needed which takes into consideration the many local technical, management, operational, and cultural nuances of Caribbean nations. It is also important that we as a region start to view ourselves as a “single cyberspace entity” in order to leverage best of breed Caribbean centric cyber security best practices and lessons learned.
Here are a few facts which emphasize the need for ICT professional in the private and public sector to “act”.
It was inevitable that WikiLeaks founder Julian Assange would have been defeated in his extradition battle with Sweden. To have embarrassed the United States in the way he did will never be forgiven or forgotten. There is the view, debatable though it is, that his cables served as the catalyst for the unrest currently on the go in the Middle East.
The important role the Internet plays in the lifes of individuals, business’ and governments has become an everyday reality. The intimidation of the Internet was manifested in Egypt when the government sought to muzzle freedom of expression by going ‘dark’. Internet penetration, some would say intrusion, in our daily lifes makes it difficult to imagine a day without Internet connectivity.
It is therefore no surprise to read about information circulating on the World Wide Web that the US government is already pursuing measures to be able to shutdown the Internet as a response if civil unrest were to occur. “Experts say it’s unlikely that what’s happened in Egypt could happen in the United States because the U.S. has numerous Internet providers and ways of connecting to the Internet. Coordinating a simultaneous shutdown would be a massive undertaking.” According to this website a bill was proposed last summer by “the controversial submitted by Sen. Joe Lieberman – S.3480 “Protecting Cyberspace as a National Asset Act of 2010”. If the cybersecurity bill were to be passed it would give wide-ranging power to the President of the USA to shut down parts of the Internet for up to 120 days….
USA occupies the position as a world leader and there is a reasonable expectation that others would follow.
“In his editorial [of today], Assange wrote that democracies require strong media to keep governments honest and that WikiLeaks helps fulfill that role. “WikiLeaks has revealed some hard truths about the Iraq and Afghan wars, and broken stories about corporate corruption.”
Even as WikiLeaks founder Julian Assange is battling a Swedish extradition order on an obscure charge of rape, there is another battle being waged and the scene is on the virtual battleground of the Internet. Despite attempts by the ‘quote unquote’ authorities to shutdown WikiLeaks, empathizers of Julian Assange on the Internet are bragging that the WikiLeaks website has been duplicated in 500 locations so far. BU did a check before posting this blog and the WikiLeaks website is indeed up and running.
What is interesting about the WikiLeaks saga has been the debate suggesting that the authorities may seek to regulate the Internet. What is evident if we are to judge by the denial-of-service strikes on MasterCard International, PayPal, the Swiss Bank which has frozen the assets of Assange and others is the power which techno savvy individuals have to fight back from their bedrooms using the Internet. The proliferation of proxy servers which sit in onion networks makes searching for some of these guys like that of looking for the proverbial needle in the haystack.
The WikiLeaks saga has given rise to some interesting analysis. Is Julian Assange, founder of WikiLeaks, justified in leaking what has been classified as sensitive communication between the US State Department and its embassies and consulates around the world? Assange’s position is ‘the disclosures are purely an exercise in democracy, which is partly understood to include embarrassing government officials and exposing what is seen as hypocrisy in national and international politics.” US Secretary of State Hillary Clinton has rebutted by stating “the publication of classified diplomatic cables constitutes an “attack on the international community. It is an attack on…the alliances and partnerships, the conversations and negotiations that safeguard global security and advance economic prosperity.”
Modernghanna.com used an interesting analogy to describe how a diminutive Australian by the name of Julian Assange has used the Internet to expose the demagogy of the world’s most powerful countries.
“An old African story teaches that the size of the elephant is no guarantee that it is safe from the machinations of small and lesser known animals in the forest. So the tiny ant could find its way into the elephant’s nose, and the elephant would spend days begging the little ant to stop biting.”
If one were to be asked who would want to regulate the Internet, China, Iran or USA, China would be on the tip of the tongue for sure. Recently President Obama in the wake of the China/Google incident called for countries to stop* censoring the Internet. Read the latest:
A new bill being debated this week would have the Attorney General create an Internet blacklist of sites that US Internet providers would be required to block –
Last month Google was convicted of defaming a French computer user after the Internet technology giant linked his name to the word “rapist” in automatic web searches. Usually a cool feature only this time Google got it wrong. Even if Google wins on appeal what is evident is that big foot moves are taking place to regulate the Internet.
BU has always shown a keen interest in matters to do with how the Internet is being regulated. Bear in mind freedom of speech which is facilitated by BU is riding a changing tide.
For the last 10 years I have been at the forefront of the international cyber security war for one of the world leading IT firms. Unknown to many there is a daily war being waged against computer systems worldwide to include the average Internet user, “you”.
Identity theft has become the well known cyber crime of choice for many hackers these days, who are now using non technical social engineering methods to lure users into given up private information via spoofed websites.
To make matters worst the image of the average hacker has changed significantly in recent years, the average hacker is no longer a nerdy looking guy with glasses sitting at a PC typing in command line codes to break into a PC like on TV. Today’s hackers are far less trained in the art of hacking, and can easily rely on a sea of automated free hacking software tools provided by a large number of black sites as we call them.
The good news is that there are cyber war fighters like me out there waging a good fight for your protection. The bad news is that we are often outnumbered outgunned, and outresourced be those who desire to commit cyber crimes and exploitation.
So what can you do to protect yourself in simply terms:
There is a view, that it is dishonest of some main stream media personnel to suggest that the result of the last general election in Barbados, was not influenced – to some degree – by the varied opinions expressed on the blogs. I am not suggesting the blogs handed victory to one particular party… as that is difficult to prove. What I am suggesting is that issues generally hidden in Barbados were brought to light; resulting in the electorate ceasing to view “alleged” abnormalities as normal. This new “participation by observation” nucleus was difficult to assess. However, the result was a landslide victory, not anticipated by some experienced observers.
This new and different voice was in part the reason why some politicians made serious mistakes. They equated the numbers commenting, with a set number of votes. not taking cognizance of the “participant observers” to which I have previously alluded. Those who read, discussed, but never made comments. It is important to understand Barbadian society; as those who do not can equate call in programmes with the blogs. Some participants on call in programmes will say what is expected of them depending on party loyalty etc.
It is good to see the political parties in Barbados not shy about using the technology to deliver their respective campaigns. Of the two parties it appears that the Democratic Labour Party has been the more aggressive –see link to YouTube. The power of the Internet should not be underestimated when discussing the dissemination of information to a global audience. An example, our article was featured in today’s “The Issue“, an Internet newspaper, which features stories originated by blogs from across the globe.