jamaica: victim or perpetrator of cyber crime and intrusions (final)
DESCRIPTION
Presentation given at the Paladion seminar, “Scaling up Security Management for Newer Threats”, on 26 June 2012 in Kingston, JamaicaTRANSCRIPT
Jamaica: Vic)m or perpetrator of cyber crime and intrusions?
INFOSEC Execu)ve Breakfast Kingston, Jamaica � 26 June 2012
Cyber incidents not widely reported in the Caribbean
A few possible excep.ons: • Tax Administra.on of Jamaica – June 2012 • Hacking of Trinidad & Tobago Parliament website – April 2012
• Hacking of Trinidad & Tobago Ministry of Finance website – March 2012
• DDoS aHack LIME Barbados network – March 2012
What do Caribbean network security experts think about cyber security in
the region?
Intrusions are highly prevalent in the Caribbean
• Success rate of aHempts unknown • Top sources for threats – Russia, China, HK • Organisa.ons have a narrow view of security • Caribbean has not commiHed the necessary resources or effort to strengthen frameworks
• In addi.on to threats in-‐country, Caribbean countries can be used as jump-‐off points for aHacks in other countries
What is the situa)on in Jamaica?
A legal & enforcement framework exists for cyber crime
• Cybercrimes Act 2010 exists along with a Cybercrime Unit (CCU)
• CCU can only enforce with coopera.on of vic.ms and other affected interests
• Unit has its hand full tackling local crimes plus loHo/telemarke.ng scams targeted at the US
• LoHo scams are affec.ng country’s reputa.on – “Beware 876” campaign
CCU tackled 32 cases in 2011
So far, Jan—May 2012: 26 cases
CCU data doesn’t tell us much
• Incidents reported as cyber crimes are done according to Cybercrimes Act
• CCU’s main goal is prosecu.on • Focus likely to be incidents origina.ng in Jamaica
• LiHle or possibly no framework for incidents affec.ng Jamaicans but origina.ng elsewhere
• Cases reported to CCU only a drop in the bucket
How can we stem the )de?
Cyber incidents can be debilita)ng and isola)ng
• Majority of organisa.ons are unaware that they have been compromised
• Incidents cost organisa.ons $MM – .me, revenues, produc.vity, remedia.on
• Many organisa.ons could be having iden.cal experiences – unbeknownst to the other
• Oaen limited insight into scope of incidents -‐ frequency, characteris.cs, paHerns, possible solu.ons, etc.
Internally, we must be beUer prepared and equipped
• Comprehensively examine systems, networks, equipment
• Strategically establish priori.es & con.ngencies
• Invest in the con.nual maintenance and update of defences
• Exercise even greater vigilance • Support staff training and capacity building
We must also be prepared to establish trust rela)onships
CERTs/CSIRTs are urgently needed: • Provide expert informa.on and support • Supplement internal security plans/structures • Increase awareness of incidents -‐ frequency, characteris.cs, commonali.es, possible solu.ons, etc.
• Ensure that appropriate industry standards and prac.ces are established
Thank you!
Michele Marius Blog: ict-‐pulse.com
FB: facebook.com/ICTPulse TwiHer: @ictpulse
Image credits • Stethoscope: dreams designs / FreeDigitalPhotos.net,
hHp://www.freedigitalphotos.net/images/view_photog.php?photogid=1449
• Binocular image: Ntwowe / FreeDigitalPhotos.net, hHp://www.freedigitalphotos.net/images/view_photog.php?photogid=2043
• Hermosa Wave image: watch4u / flickr, hHp://www.flickr.com/photos/look4u/