Cybercrime under-reported

THE TTPS does not have definitive data about the prevalence of ransomware and other debilitating cyberattacks in TT because local companies that fall victim often do not make reports to the police.

But head of the Cyber and Social Media Unit Sgt Daniel Hernandez said there is evidence that incidents involving malicious software usage by cybercriminals is on the rise globally. There’s also an increase in relation to attacks on companies.

“We can only focus on reports. If we don’t get reports then we can’t give definitive (information) on what is happening,” he told Newsday.

On Wednesday, Newsday reported that some IT systems at Ansa McAl, the Caribbean’s biggest conglomerate, were held hostage by a ransomware attack by criminal cybergang REvil. In a statement that evening, Ansa McAl acknowledged a “security incident” within the group’s IT systems in Barbados and Trinidad, but the business was once again operational.

Asked if there was any update, the company said on Wednesday that the information in its statement on Tuesday still stood as its official position.

Asked why people might be reluctant to make reports, Sgt Hernandez said many the institutions affected may not want the negative connotations that may come from letting it be known publicly that they have been victims of these attacks.

“(They are concerned that reports) could interfere with their reputations. Once that reputation is affected it is difficult to repair. That’s one of the major reasons we don’t get people coming in.”

Another challenge is the fact that there are no laws in TT that specifically address or define cybercrime (the Cybercrime Bill is currently before a Joint Select Committee of Parliament). Police then have to look to existing laws like the Computer Misuse Act and the Offences Against the Person Act and work within those remits.

“We are waiting on some sort of legislation to give teeth to our investigations,” Sgt Hernandez said. And any crime, even the theft of a cell phone, gets designated as a cybercrime once there’s a digital element. The unit is then called in to assist in several investigations. There’s also the TT Cyber Security Incident Response Team (TTCSIRT), operating out of the Ministry of National Security that also handles cybersecurity issues, but more on a national scale. “(Malware, including ransomware) can bring down a digital infrastructure,” Hernandez said.

In terms of protecting against cyberattacks, he noted that technology is dynamic and any advice he gives could become obsolete the next day. But, he said, one thing he would tell companies to do was ensure they had copies of all data stored off site so that they can restore a system even if held to ransom.

“Have your back up. That way you can continue operations and (thwart) the attackers because they can’t hold you for ransom that way.” He also reminded people to be careful when opening e-mail attachments and even when using flash (USB) drives.