Gonzales: TSTT faced malware attack in March

MINISTER of Public Utilities Marvin Gonzales has said a malware attack in March caused the failure of TSTT's web portal for facilitating online bill payment.

He was answering a question in the House of Representatives on Friday from Couva South MP Rudranath Indarsingh. The opposition MP said the portal was non-functional from March 14-29.

Gonzales related, "On Sunday, March 13, TSTT was the target of a malware incursion. TSTT systems detected a security attack directed at a number of the company's internal only solutions and applications.

"As a precautionary measure, all possibly impacted systems were isolated, including TSTT's online payment application from TSTT's website stored within the private cloud environment.

"Consequently TSTT was unable to process payments, transactions, from March 13-28 via this platform."He said during that period, TSTT told its customers they could still make payments via bank transfer, SurePay, Western Union, NLCB Via and the BMobile application.

Indarsingh asked about the financial cost to TSTT of the malware incursion, but Gonzales did not have that information.

The Couva South MP asked for an assurance no malware attack would happen again to TSTT.

Gonzales said the TSTT team had taken immediate protective steps.

"The software master records of the infected machines were destroyed, completely removing these systems from TSTT's environment.

"The cloud host servers were rebuilt following the manufacturer's best practice to secure enhanced security features and reduce risk."

He said a number of other interventions were made in TSTT's security systems.

"I'm pleased to advise the citizens of TT and particularly the customers of TSTT that the company has done sufficiently to address this concern and prevent a possible recurrence of the incident."

Indarsingh asked if the malware attack had been internal or external.

Gonzales said, "I hope the member understands that a malware incursion is quite normal in that environment. What is important is that it is detected early, (and) it is isolated to prevent any deterrence or negative impact on customers.

"Therefore this is something that is continuous. It has to be monitored. Therefore the company is constantly monitoring its systems to prevent these occurrences.

"But these things happen from time to time on any infrastructure of this nature."

In reply to a Newsday query, TSTT said on Friday it had issued a customer advisory at the time saying all hands were on deck to fix an issue that had affected its payment system. It said, "The event has not affected the performance of our network. All services including voice, mobile data, internet, security and entertainment, remain unimpacted and fully functional."

Communication Workers Union president Clyde Elder could not comment, as he had not seen Gonzales' statement.