Government puts organisations on alert - CYBER ATTACK FEARS

GOVERNMENT and the Opposition are said to be concerned about the potential for future cybercrime attacks, after one such attack on the Ministry of the Attorney General and Legal Affairs last Friday.

In a statement on Sunday, the National Security Ministry said its cyber security incident response team (TT-CSIRT) is urging all organisations to take the necessary precautions to mitigate against rising ransomware attacks.

Ransomware is malware designed to deny a user or organisation access to files on their computer servers. Malware is software designed to disrupt, damage or gain unauthorised access to a computer system.

Cybercriminals use ransomware to enter a system and encrypt all data, then offer a decryption key if the victim/organisation agrees to pay a "ransom" through cryptocurrency. Another form of extortion would be a threat to release sensitive information online if the ransom is not paid.

The ministry, in its release on Sunday, provided links to resources that can help to protect organisations' systems against ransomware attacks.

Those are a ransomware prevention guide https://ttcsirt.gov.tt/ransomware-prevention/ and ransomware response checklist: https://ttcsirt.gov.tt/ransomware-response-checklist/

Should any organisation fall victim to a ransomware attack, the ministry said, TT-CSIRT should be contacted immediately at https://ttcsirt.gov.tt/report-an-incident/ or e-mailed at: contacts@ttcsirt.gov.tt

TT-CSIRT provides different tiers of incident response depending on the need of the organisation under attack.

Those tiers are:

Consultative – giving advice and guidance to the organisation’s incident response team (IRT);

Incident handling – co-ordinates the incident response process and advises the organisation’s IRT;

Incident management – co-ordinates the incident response process, leads the organisation’s IRT and deployment of TT-CSIRT’s technical personnel and resources to resolve the incident.

The ministry said information provided to TT-CSIRT in these matters is "held securely and in strictest confidence." Information will not be disclosed without the consent of the client organisation.

Any information obtained by TT-CSIRT will be anonymised and depicted only in aggregated statistics, the ministry said.

Hours after this statement was issued, Barataria/San Juan MP Saddam Hosein referred to it during a news conference at the Opposition Leader's Office in Port of Spain.

Hosein asked if the statement was a warning about future cybercrime attacks, similar to what happened at the Ministry of the AG and Legal Affairs.

When that attack happened, state attorneys complained that they were not able to access their e-mails or statements made by opposing attorneys. Hosein asked whether this situation had been rectified.

He claimed that Attorney General Reginald Armour, SC, "was suspiciously quiet" on it.

He added that this ministry deals with several matters which are in the public's interest and wondered if the cyber attack affected any of them.
"The AG must break his silence," Hosein urged.

In the Senate on May 24, Armour said Government was working to strengthen legislation to protect citizens against different forms of cybercrime.

While the Computer Misuse Act was passed in 2020, Armour said Government recognises the need to continue to strengthen this legislation.

"Our work is set out for us and we are continuing as a government to give active consideration to all of the circumstances of criminality."

Armour said amendments to the act are being considered and reviewed by his ministry.

He also disclosed that TT was invited in October 2021 to formally ratify the Budapest Convention, the first international treaty seeking to address internet and computer crime by harmonising national laws, improving investigative techniques and increasing co-operation among nations.

TT has observer status to the convention and has five years in which to ratify the treaty. Armour said once this happens, TT can benefit through partnership with other nations to combat various types of cybercrime.

While it has been identified globally as a significant area of grievous crime, Armour said, "There is no international definition of cyber crime or cyber attacks."

He acknowledged that these crimes do not respect international borders or the sovereignty of individual nations.

Armour also observed that in many countries, including TT, the public and private sectors are heavily reliant on information communication technology, rendering them vulnerable to potential cyber attacks.

In a statement issued after the briefing, the UNC said it "fully supports the view that cyber security is of critical importance to our national security and economic prosperity."

This position was reinforced by the participation of some of its MPs at a special two-day workshop on cybercrime at the Radisson Hotel, Port of Spain from July 5-6.

The workshop, which was organised by the Parliamentarians for Global Action (PGA) International Peace and Security Program, focused on engaging Caribbean parliamentarians in the implementation of the Budapest Convention.

UNC MPs Wade Mark, Khadijah Ameen, Anita Haynes, Rushton Paray, Dinesh Rambally and David Nakhid attended.

The UNC said it will "continue to push for greater education and public awareness of the threats posed by cybercriminals as well as advocate for policies that keep TT citizens safe from all aspects of crime including those committed in cyberspace."