Mon | Sep 24, 2018

Eight ransomware cases in two years - Police

Published:Monday | March 19, 2018 | 12:00 AM
Ricardo Dystant (left), head of ebusiness at JN Bank, in discussion with Dr Moniphia Hewling (centre), head of the Jamaica Cyber Incident Response Team (JaCIRT), in the Ministry of Energy, Science and Technology, and Assistant Superintendent Warren Williams, of the Jamaica Constabulary Force’s Communication Forensics and Cybercrime Division, during a World Consumer Rights Day seminar and exhibition at the Knutsford Court hotel in New Kingston last Thursday.
Dolsie Allen (left), chief executive officer of the Consumer Affairs Commission, converses with Ricardo Dystant, head ebusiness at JN Bank, and Dr Moniphia Hewling, head of the Jamaica Cyber Incident Response Team (JaCIRT), in the Ministry of Energy, Science and Technology, during a World Consumer Rights Day seminar and exhibition at the Knutsford Court hotel in New Kingston last Thursday.
1
2

There has been an increase in cases of cyber extortion, ransomware, identity theft, and electronic fraud, according to Assistant Superintendent of Police Warren Williams, head of

the communications department in

the Jamaica Constabulary Force's Communication Forensics and Cybercrime Division.

Williams said that with regard to ransomware, Jamaica has seen eight reported cases between 2015 and 2017.

Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.

"One case has been disposed of, three cases have been thrown out and four are ongoing in terms of investigations. So we haven't had a complete conviction for one of these cases just yet, but it is in our Jamaican space and you have to be wary of that," he disclosed while addressing a World Consumer Rights Day seminar and exhibition at The Knutsford Court Hotel in New Kingston last Thursday.

Williams advised that organisations in the public and private sectors must conduct regular cybersecurity checks on their networks to assess their vulnerabilities.

"Test your environment to ensure you're cybersecurity-ready. Check to see that you're conforming to national compliance protocols. Do awareness drives with your users, conduct regular risk management and assessments; and ensure that your IT infrastructure is robust and resilient, and train your staff to deal with these attacks," he recommended.

Data provided by the Jamaica Cyber Incident Response Team in the Ministry of the Science, Energy and Technology show that in 2016, the country lost US$100 million because of cybercriminal activity, while in 2017 more than 230,000 threats were detected in the space of a month.

'Everyone is at risk'

Dr Moniphia Hewling, head of the Jamaica Cyber Incident Response Team in the Ministry of Science, Energy and Technology, is warning persons to be vigilant when carrying out business activities online, noting that "everyone is at risk".

Hewling pointed out that one of the main problems is that many Jamaicans are still of the mindset that cyberattacks are events that take place overseas.

"We are no longer immune from this. It's happening here in Jamaica. The fraud is taking place here, the skimming of the cards, the hacking of the machines and the phishing emails are all taking place in Jamaica," she said.

Hewling said cases of cybercrimes have "escalated over the last couple of years.

"They are well organised, they are advanced technically, they are well financed and they have adopted a new view. They go into the networks and they sit there, they observe, they see what is happening and they take a little out of everybody's account," she revealed.

Hewling noted that many persons may not realise they are the victim of a cybercrime because of the small amount that is sometimes taken from their accounts.

"Most Jamaicans won't realise or even check if $1 is taken from their bank accounts. But when they take all these $1s or $10s, they end up earning more than what we all earn collectively," she said.

Hewling said Jamaicans must be more aware of their activities online and urged persons to exercise good cyber practices.

"We have to be smart. One of the things we see is that ignorance can compromise the security of your data. A lack of training and awareness for the business community and the public sector, especially, can also put your information at risk," she advised.

EVERYONE'S RESPONSIBILITY

Hewling said cybersecurity is not just a job for the Government, but that everyone has a responsibility to protect themselves and their businesses from these kinds of attacks.

For his part, Ricardo Dystant, head of e-business at JN Bank said financial institutions have taken significant steps to enhance security for their customers and members in order to eliminate or reduce scams and other online attacks.

He noted that JN Bank was the first to introduce the cardless ATM in Jamaica last year, which allows customers to withdraw funds as well as deposit cash and cheques without the need for their ATM cards.

Dystant said the cardless machines not only add convenience, but reduce the opportunity for cards to be skimmed.

"Because there is no card, you don't have a magnetic stripe. How skimming works is that criminals get the information from the magnetic stripe and then replicate the data and gain access to the person's account. However all this is eliminated with the cardless ATM," Dystant said.

He added that some local banks, including JN Bank, have introduced credit cards that utilise a new form of technology called the EMV chip, which provides an additional layer of security.

"It's more secure, because you can't copy the chip. Every time the card is used for payment, the card chip creates a unique transaction code that cannot be used again," he said.

The World Consumer Rights Day seminar and exhibition was organised by the Consumer Affairs Commission and held under the theme 'Making Digital Marketplaces Fairer: Access, Security and Protection'.