Caribbean News Now!

About Us Contact Us

Countries/Territories

Jump to your country or territory of interest

Advertise with us

Reach our daily visitors from around the Caribbean and throughout the world. Click here for rates and placements.

Contribute

Submit news and opinion for publication

Subscribe

Click here to receive our daily regional news headlines by email.

Archives

Click here to browse our extensive archives going back to 2004

Also, for the convenience of our readers and the online community generally, we have reproduced the complete Caribbean Net News archives from 2004 to 2010 here.

Climate Change Watch

The Caribbean is especially vulnerable to rising sea levels brought about by global warming. Read the latest news and information here...

Follow Caribbean News Now on Twitter
Connect with Caribbean News Now on Linkedin
Instagram



News from the Caribbean:




Back To Today's News

Commentary: The View from Europe: Action needed to address Caribbean cyber security
Published on October 29, 2016 Email To Friend    Print Version

By David Jessop

Just over a week ago Google, Facebook, Amazon, Twitter, Netflix, Visa and many more premium providers of global web services, temporarily went offline. This was because they had indirectly suffered the effects of a distributed denial of service (DDoS) attack on Dyn, a largely unknown intermediary that enables web users to access the addresses of major web sites.

david_jessop.jpg
David Jessop is a consultant to the Caribbean Council and can be contacted at
david.jessop@caribbean-council.org. Previous columns can be found at www.caribbean-council.org
Experts say that it may have been the biggest DDoS attack ever mounted, because it brought down a key gateway, and was highly sophisticated in the way in which sent huge volumes of data, causing Dyn’s servers to deny access to its clients.

What was unusual was that the event in part was delivered through insecure smart devices – the so-called internet of things – including everyday items linked to the internet like web cams, baby monitors, smart TVs and DVD players, and even fridges and central heating systems.

Apart from indicating an absence of serious thinking about security by those who design and sell such web linked products and regulations to govern them, it demonstrated that it is now possible indirectly to shut down or disrupt essential online services.

Reports in the trade press suggest that so serious have DDoS attacks in general become, that more than 30 percent are now large enough to swamp almost any business or poorly protected government.

While few Caribbean cases of DDoS or cyber-crime ever become public, because of the perceived reputational damage, there are ample reports of the existence of cyber-attacks, including theft from banks; the hacking of government websites in The Bahamas and St Vincent by a group claiming to be supporters of ISIS; ransomware attacks on some Caribbean tax authorities; and most recently, the publication online in interrogatable form of 1.3 million files from The Bahamas’ corporate registry.

These revealed not just the lack of appropriate security within government portals, but the existence of outmoded IT systems and software with the potential, some experts suggest, to have compromised government’s internal communications. They also highlighted the region’s vulnerability, and the absence of local expertise or financial resource to address weaknesses, leaving others to be invited in to provide the necessary technical support and to remedy problems.

According to a joint study by the Center for Strategic Studies and McAfee published earlier this year, Latin America and the Caribbean (LAC) has become a new frontier for cyber-attacks and crime at an estimated cost of around US$90 billion per year.

The Cipher Brief, a digital, security-based platform that connects the private sector with the world’s leading security experts, recently noted that 12 percent of DDoS attacks now target the LAC region, and that the number is escalating. It is also the case that there has been a dramatic rise in the number of people, including tourists, with access to Internet-connected devices, potentially increasing national vulnerabilities.

Experts suggest attacks will increasingly be directed at softer targets in locations through which funds flow for tax advantage or commercial expediency, and where tourism has become central to the stability of a national or regional economy.

While some Caribbean governments and companies have begun to recognise the threat, strikingly not enough money or time is being spent on upgrading, protecting or testing systems related to essential infrastructure, government services, banking and financial services, private sector operations, or on securing media sites.

In addition, according to the OAS/IDB report, mistrust and an absence of authoritative information on best practice has led to an unwillingness to designate individuals in the police or military as coordinators of cybersecurity policy development, or to build public-private partnerships that might finance and build cyber security regimes.

As with so many matters in the Caribbean, the challenge is not in understanding the nature of the threat, but with implementation.

Although governments and a number of international agencies meeting in St Lucia in March signed-off on action plan to strengthen regional co-operation in areas such as training, legislation, technical capacity and law enforcement, since then progress has been slow.

To understand the scale of the problems that need to be addressed one only has to read the country by country reports in ‘Cybersecurity Are We Ready in Latin America and the Caribbean’ jointly published earlier this year by the Organisation of American States (OAS) and the Inter-American Development Bank (IDB).

It makes clear that almost all countries in the region have no overall strategy, few relevant laws and no genuine capacity to respond to a cyber-attack.

It suggests that the only country in the Anglophone Caribbean that is well prepared is Trinidad, with Jamaica not far behind. It notes that while Antigua, The Bahamas, Dominica, Haiti, and Suriname are ‘in the process of articulating a potential strategy’, there is no indication when they will have in place the essential components. As for the rest of the Caribbean Community (CARICOM), the report suggest that evidence of progress is scant.

In the Hispanic Caribbean, surprisingly, even the Dominican Republic, which is heavily dependent on connectivity, was deemed to be poorly prepared. In contrast, although not covered by the study, Cuba is well equipped. Having established the Universidad de las Ciencias Informáticas (UCI) in 2002, it now has some 14,000 graduates working in all areas of government and enterprise, and is consequently understood to have advanced cyber defence measures in place.

Unfortunately, there is a view in parts of the region that the Caribbean is somehow immune or unlikely to be of interest to cyber criminals. However, one only has to consider the enormous sums of money transferred regularly through the region’s offshore financial centres, the commercially sensitive documents held in registries and lawyer’s offices, matters of national security and criminality that all governments regularly engage with, the expansion of citizenship programmes, and the millions of daily commercial banking transactions, to immediately see the dangers cybercrime poses to small nations.

The Caribbean and Latin America have a small window in which to develop strong and integrated cybersecurity networks before attackers begin seriously to explore and infiltrate what is still a largely undefended region. As The Cipher Report puts it: ‘The question is whether governments have the political will, private industry is open to working with the public sector, and citizens start taking responsibility for their own cyber security’.
 
Reads: 5711





Click here to receive daily news headlines from Caribbean News Now!




Back...

Comments:

No comments on this topic yet. Be the first one to submit a comment.

Back...

As a result of our comments feature being overtaken in recent weeks by spammers using fake email addresses, producing a large number of bounced verification emails each day, we have reluctantly decided to suspend the comments section until further notice.

Disclaimer
User comments posted on this website are the sole views and opinions of the comment author and are not representative of Caribbean News Now or its staff. Caribbean News Now accepts no liability and will not be held accountable for user comments.
Caribbean News Now reserves the right to remove, edit or censor any comments. Any content that is considered unsuitable, unlawful or offensive, includes personal details, advertises or promotes products, services or websites or repeats previous comments will not be approved.
Before posting, please refer to our Terms of Use and Privacy Policy.




Other Headlines:



Regional Sports: