Cyberattacks are serious threats

THERE ARE national and even international implications stemming from the cyberattack that disrupted the operations of Massy Stores in Trinidad last Thursday.

The company reported the attack affected its IT system and forced the closure of 23 outlets and related operations.

These developments should worry any TT business – whether large or small – that relies on technology for money, data and marketing transactions. Authorities should take note of the implications and co-ordinate with the private sector.

Cybercrime has been with us for a while. In 2020, the Ansa McAl Group was affected by a cyberattack that has been traced by some analysts to Russian entities. That same year, the Port of Spain City Corporation was affected by what is understood to have been a similar attack.

Even our Parliament was once affected when its website was briefly, but disturbingly, tampered with by online entities in 2012.

But the true extent of the problem is not fully documented by the authorities, partly owing to the nature of cybercrime, which sometimes involves actors taking advantage of perceived security weaknesses, in addition to the fact that hackers often take custody of sensitive data and documents, holding such items for ransom.

The current global climate, however, has raised the stakes when it comes to this issue and demands more transparency going forward.

Russia’s invasion of Ukraine has spilled online, with the internet as much a part of the theatre of war as anywhere else. Analysts have long expected Russia to escalate attempts at disruption against its adversaries – so much so that there has even been a movement by anonymous vigilante groups online to launch counter-attacks.

But whatever the source of cyberattacks, the implications are regional. Outages in one country affect others as well, as seen with recent attacks that have affected wire services or that have involved conglomerates with offices in multiple Caribbean jurisdictions.

Cybersecurity is not a national threat, but a Caricom-wide one requiring regional and international collaboration.

Meanwhile, where does this leave individual companies?

"Businesses have to, as best as they can, stay current and assess risk and close whatever avenues to intrusion exist as quickly as possible,” Amcham CEO Nirad Tewarie advised recently. This includes raising awareness of the techniques used by hackers to enter systems.

Not only do businesses have to contend with a crime situation on the ground, they need to also plan and budget for defending against cyberattacks. A recent survey of 1,296 businesses indicated that 46 per cent of surveyed businesses have experienced fraud, corruption or other economic crimes in the past 24 months, and cybercrime tops the list of threats facing them.

The Government has a role to play in shoring up its own systems, given the purported push towards greater digitisation. It must also fast-track legislation and give law-enforcement agencies the resources needed to police threats in collaboration with international partners.

Other systemic vulnerabilities need to be identified and promptly addressed.

If not, the experience of Massy last week might be a taste of worse to come.