Nadine Maitland, Contributor
The advent of the Internet, along with cross-network services, has impacted the way we communicate, socialise and do business. As private organisations and government entities move to take advantage of the opportunities it provides, they need to be aware of the negative effects this poses to their businesses and customers, including the economic cost associated with incidences of cybercrime.
Cyberattacks can be categorised as passive or active, and involve one of the following:
1. Interruption - an asset of the system is destroyed or becomes unavailable or unusable.
2. Interception - An unauthorised party gains access to an asset.
3. Modification - An unauthorised party not only gains access to, but tampers with an asset.
4. Fabrication - An unauthorised party inserts counterfeit objects into the system.
Academic and trade literatures report that motivations for cyber-attacks involve:
1. The challenge and the skills required to get on to a network or computer.
2. The perceived possible potential gain.
3. Anger and aim to cause damage
4. The challenge of defeating the system security.
5. Intrinsically motivated action (takes on task for their sake).
Minister of State Julian Robinson, alluded to the fact that over four state agencies' websites were hacked within two weeks, including the Office of the Director of Public Prosecutions. Over the last two years, the Jamaica Constabulary Force (JCF) has dealt with more than 1,700 cybercrime cases annually, and it seems likely that these figures could rise in the years ahead. As pointed out earlier this year in Parliament, these figures represent a fraction of the real figure. Even with the loss of millions of dollars, banks and financial institutions are tight-lipped on reporting cybercrimes, the fear of negative reactions from customers being a major reason for inadequate reporting of the occurrence of cybercrimes. Recent attacks have left governments scrambling to find solutions to the evolving cybercrime phenomenon. Jamaica, like many developing countries, is lagging behind in its planning for cybersecurity. This makes Jamaica a prime target for hackers who are several steps ahead in this game.
In Jamaica today, over 90 per cent of government ministries and agencies have an Internet presence. The information on these sites varies from basic, about services offered, to the ability to make online payments. Most of these agencies also have a social media presence that increases their vulnerability. Reports reveal that three government agencies, namely the JCF, Ministry of National Security, and the Rural Agricultural Development Authority websites were hacked. This is just an example of what can result from this increased exposure.
Government agencies hacked
Private businesses are also taking advantage of these social-media technologies. Most large organisations have an Internet and social-media presence and these are often used for advertising and to get feedback on new and existing products. Some also give their customers the option of making payments online. Today, most banks and financial institutions are encouraging customers to do business online and this puts them in a similar position as the Government in terms of their vulnerability to cyberattacks. Given reports that over 229 websites were hacked in 2012, and included in these figures are government agencies, tertiary institutions and private institutions, how secure are these sites?
It should be noted that, in addition to cyberterrorists and other non-state cybercriminals, some governments are increasingly engaged in cybersecurity violations of the assets and procedures of foreign governments and private sector organisations, as well as private citizens. In recent times, a national task force has been set up to address cybersecurity.This is a positive step, but may not be enough. Caribbean states need to be concerned not just about access to the positive possibilities that ICTs offer, or the protections that cyber-security aims to offer, but also about having the ability to influence the activities and rules of cyberspace.
If these issues relating to cybercrime are not dealt with urgently, we are in danger of reversing all the gains made by the investments in Information and Communications Technology. The public, government agencies, and businesses are all at risk as these digital crimes transcend all other categories of crime with the cost of cybercrime outstripping the front-running narcotic crime in 2007.
Nadine Maitland is a lecturer at the School of Computing and Information Technology, at the University of Technology Jamaica. Email feedback to firstname.lastname@example.org