TT at mercy of cyber criminals

Tech expert and Newsday columnist Mark Lyndersay. FILE PHOTO -
Tech expert and Newsday columnist Mark Lyndersay. FILE PHOTO –

TECH expert and Newsday columnist Mark Lyndersay said the private sector’s strategy of keeping its cyber-attacks secret, hoping it would go away, is an archaic move, showing TT’s response to cyber crimes is stuck in the past.

“Malware and ransomware continue to become more sophisticated and TT’s response to it remains adamantly 20th century,” Lyndersay said on Friday.

“Until the laws regarding privacy, personally identifiable information, cybercrime and corporate responsibility for these issues are proclaimed, companies and the public sector are under no obligation to even report breaches, far less notify affected citizens.”

Lyndersay’s statement came on the heels of a release sent by the Massy Group, which sought to dismiss claims made by a Jamaican newspaper that some 17 gigabytes of data were dumped on the internet by cyber criminals on October 9.

The report claimed the data included personal information such as names, addresses, taxpayer registration numbers, signatures videos and pictures of employees and contractors in Massy Jamaica.

“We would like to caution that much of the information being shared publicly about this cyber-security incident is speculative and inaccurate,” Massy said in the release.

It invited people to use official channels for information.

On April 8 Massy’s branches in TT experienced a cyber attack which held critical information to ransom. The attack froze the nation’s largest grocery chain’s point card system and exfiltrated an estimated 216 gigabytes of data before encrypting it.

A July 12 report by Red Packet Security, a cyber-attack tracker, issued a notice saying that the exfiltrated files were posted on the dark web.

On July 19 the hackers published the entire load of data on the dark web. Five days after that, reports said, Jamaica was hacked.

In a release sent to the media Massy admitted that more damage was done than previously thought.

“Through continued investigation of the cyber-security incident, we are now aware that that data unlawfully accessed by the attackers was more extensive than the preliminary stages of the investigation indicated,” the release said.

Source link