Cyberattacks in the region on the rise | Local company
With the rapid adaptation of the digital world during the Covid-19 pandemic, the issue of cybersecurity has become pressing.
Dorian Dyer, vice president of business development at DigitalEra, told Express Business that in recent weeks cyberattacks have taken place in Barbados and St. Maarten.
“It’s more than usual. These attacks were carried out by large ransomware gangs. So we had two attacks in a short time. That’s more than usual for the Caribbean. So yes, we are seeing an increase. Absolutely,” he said.
DigitalEra Group is a Florida-based specialist solutions provider that offers cybersecurity consulting, strategy and services, and has been in business for over 20 years.
Dyer describes cyberattacks as a scourge.
And with more businesses having a digital presence due to the pandemic, he stressed the need for all businesses, even SMBs, to strengthen their cybersecurity.
Ricardo Martinez, the company’s chief revenue officer, pointed out that cyberattacks have become more high-profile because of their impact on targeted businesses.
“Security breaches have always happened. Now it’s how the organization responds and the level of impact. Ransomware is a very unique type of attack because it really brings business to a halt because everything is encrypted. There is enormous visibility. And also a lot of the organizations that rely on digital technology today can’t offer that service, so everyone is made aware — so if you have a bank that has your online banking and you try to log into your bank account, and then all of a sudden it says we’re down, you think that’s suspicious. So that obviously raises a lot of red flags.
“I think that’s the trend you’ve seen, that since some organizations are affected and get external visibility, that’s what makes it a hot topic. And that’s why more and more people are becoming aware of these types of events. This doesn’t mean that in the past they haven’t had breaches or they haven’t had attacks or even malware in the organization. It just wasn’t as visible as it is now,” Martinez explained.
He pointed out that in the United States companies have to disclose when there has been a breach because there is personally identifiable information.
“You are required by law to provide victims of information theft with credit reports and access to credit. In the region, we don’t necessarily have that,” added Martinez.
Is the region targeted?
“I think the region is targeted, I mean all the organizations are targeted. But obviously when one of them is hit and they actually pay a ransom, it’s a great target for other hackers to try and get their piece of the pie and get paid,” said Martinez said.
He said that unfortunately what happens is that companies pay the ransom in cryptocurrency.
He explained that when an attack actually happens, it happens after the ransomware has been inside the organization for weeks or even months.
“They did some reconnaissance, finding out what critical information the organization has, looking to see if they had any backups, and making sure they deleted those backups. So by the time they encrypt, it’s already too late. So when this organization says okay just restore the backup like oh wait a minute we don’t have any backups. So if they really want to restore information, either they pay or they don’t recover that data,” he said.
He observed that paying the ransom is sometimes the only way to restore critical information.
Martinez said this is one of the services DigitalEra offers its customers.
“These ransom organizations are highly organized. It’s organized crime,” he said.
Martinez observed that while extortion is a crime, wire transfer is the person’s choice.
Dyer said there are no regulations prohibiting ransomware payments in the Caribbean and there are little to no consequences for cyberattacks.
“Whenever there is ransomware and there is a breach, we try to get a copy of the code that was used to encrypt and understand where it came from, who the threat actors were , and we’re doing some kind of reverse engineering to find out… Oh, it was Russian made or it was Chinese or it was by several features in the code. But it’s kinda very hard to really identify it,” he said.
Roger Brian, English Caribbean territory manager for the group, told the Express Business that the organization has gone from being an indirect software distributor to a hands-on distributor during the pandemic.
“Through our extensive experience, human resources expertise (including former NASA security experts), and our engagements with our partners, we have gained an excellent understanding of the ever-changing cyber risk landscape. We see ourselves as thought leaders and work closely with clients, including major government organizations, regional financial institutions and many large enterprises, to improve their overall cybersecurity risk posture,” a- he declared.
But what guarantee do customers have with their security software?
“When it comes to cybersecurity, there are no guarantees, the best you can do is do your best. best to make sure things are secure and put the best foot forward.For many organizations, the vast majority of breaches could have been avoided by taking basic security controls as an example.Many organizations still rely on 20 years old technology and haven’t updated to next-gen technology.There are more than 3,000 security vendors and all of them have cutting edge technology and there are so many ways adversaries get into the organizations, that you really need to do your best and make sure that you are reaching out to the majority of those in the best possible way.So as a guarantee, there are no guarantees, but we can making sure that if we put in the basic checks, we’re way better than most,” Martinez said.
When hackers attack
In October 2020, local conglomerate ANSA McAL fell victim to ransomware hackers who allegedly infiltrated some of the company’s computer systems. The attack apparently started in ANSA McAL’s operations in Barbados, particularly in the automotive sector.
A month later, the Port of Spain Corporation fell prey to a cyberattack, which delayed the company’s ability to pay 1,300 daily workers on time.