T&T’s National Security Ministry warns of increase malicious cyber-activity
PORT OF SPAIN, Trinidad, CMC – The Ministry of National Security’s cybersecurity arm has warned that the country is facing a sharp increase in malicious cyber activity over the past two months and police are urging those affected to come forward with reports of these incidents.
The warning was made one day after Massy Stores confirmed that it was the target of a cyber attack and based on this the Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT), has urged all entities to adopt a heightened state of awareness.
Although the unit did not identify the number of cases that prompted the statement, it said that those being targeted include local and regional entities.
It noted that the top threats to the twin island republic were Ransomware, Social Engineering (Phishing) and Malicious Insiders.
It also warned that the most prominent vectors used against local entities were the exploitation of system vulnerabilities (particularly outdated firewall appliances and email systems), phishing emails with infected attachments or links, and compromised user credentials
Speaking with Guardian Media on Friday, president of the Supermarkets Association of Trinidad and Tobago, Rajiv Diptee, said Massy Stores’ infiltration was not an isolated incident.
“We’ve seen a spike in activity in these kinds of incidents over the last two years and these incidents go unreported,” said Diptee.
However, the Cyber and Social Media Unit (CSMU) of the Trinidad and Tobago Police Service (TTPS) lamented that people aren’t reporting these incidents and therefore there is little they can do.
Inspector Daniel Hernandez said businesses are reluctant to make a report because it may discourage commerce.
“We know there is an issue that comes up called reputational risk and businesses are concerned with bringing their information to the Police but if you don’t come then you run the risk of not only you becoming a victim but other people in your sphere, the report gives us a greater picture as to what is happening in the cyber landscape and that will give us the ability to inform the public as to what is really happening.”
Hernandez added that the TTPS cannot intervene or investigate unless the victim comes forward.
“That cannot happen, as a police establishment that report has to be made, we have to have a victim, so I cannot go onto someone’s premises or access their private information. One of the most important things we treasure is the private information of citizens and I don’t have the authority to just walk into Massy and say I want to investigate.”