National Cyber Security Strategy Coming
A National Cybersecurity Strategy, aimed at providing robust cyber defence frameworks and systems, is currently being devised for Barbados. Minister with responsibility for Telecommunications, Senator Darcy Boyce, says the need for such a strategy was now “critical and urgent”, as Barbados faced the challenges posed by cybercrime and the changing nature of cyber threats. Addressing the opening ceremony of the first ever National Internet Governance Forum for Barbados, Senator Boyce noted: “We are now dealing with a new form of organised cybercrime aimed at financial gains, with an expansion of the types of threats to various platforms and to various countries. “Spam has evolved to become a vehicle for delivering more dangerous payloads such as the dissemination of viruses, worms and Trojans that are today a means for online financial fraud, identity or trade-secret theft, as well as various other forms of cyber threats.” Senator Boyce also highlighted the challenges being posed by drones, stating that while they provided tremendous commercial benefits in areas such as surveying and mapping, security and aerial photography, there was also the potential for infringement of safety and invasion of privacy. The Telecommunications Minister assured his audience that while some preliminary work had already been done in respect of the proposed National Cybersecurity Strategy, Government intended to involve all stakeholders in the framing of the initiative. Assistance will also be sought from international partners who had done work in this area, he added. He explained that the new framework will include a revision and revamping of legislation to provide the required security, including work on the Computer Misuse Act, the Electronic Transactions Act, the Telecommunications Act and the Copyright Act. New legislation might also have to be put in place, he stated. Article compliments GIS.
St Lucia’s citizenship by investment boss ‘sent on leave’
Reports from St Lucia indicate that the head of the nation’s Citizenship by Investment Unit (CIU) has been sent on administrative leave. HTS News4orce said it has been “reliably informed” that Cindy McLean, chief executive officer of the (CIU) is now on leave “with immediate effect”. No further details on this move are available. She has been the agency’s CEO since October 2015. Last month she gave a conflicting account on CIU policy following the release of a joint statement from Invest St Lucia and and the CIU regarding the Desert Star Holdings project. Unaware The statement, and the delay in issuing it, was jumped on the by opposition St Lucia Labour Party, who warned that the two organisations should not “mislead the people”. Speaking in an exclusive with HTS News4orce, McLean said she was “not aware” of the statement, and it was published when she was off-island. It is strictly against CIU policy to publish or publicly disclose the status of ongoing negotiations with investors, she added. No timeframe for McLeans leave has been announced. WIC News has approached the government, CIU and St Lucia Labour Party for comment on the matter. Article compliments IFC Review.
Ransomware virus hits computer servers across Europe
A major ransomware attack on Tuesday hit computers at Russia’s biggest oil company, the country’s banks, Ukraine’s international airport as well as global shipping firm A.P. Moller-Maersk. Moscow-based cyber security firm Group IB said hackers had exploited code developed by the U.S. National Security Agency (NSA) which was leaked and then used in the WannaCry ransomware attack that caused global disruption in May. One of the victims of Tuesday’s cyber attack, a Ukrainian media company, said its computers were blocked and it had received a demand for $300 worth of the Bitcoin crypto-currency to restore access to its files. “If you see this text, then your files are no longer accessible, because they have been encrypted. Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service,” the message said, according to a screenshot posted by Ukraine’s Channel 24. The same message appeared on computers at Maersk offices in Rotterdam, according to screenshots posted on local media. The Danish shipping giant said it had been hit across multiple regions by a computer outage. “We can confirm the breakdown is caused by a cyber attack,” a spokeswoman said. Other companies that said they had been hit by a presumed cyber attack included Russian metal maker Evraz, French construction materials firm Saint Gobain and the world’s biggest advertising agency, WPP – though it was not clear if their problems were caused by the same virus. Food company Mondelez International also said its staff in different regions were experiencing technical problems. WANNACRY AGAIN Cyber security firms scrambled to understand the scope and impact of the attacks, seeking to confirm suspicions hackers had leveraged the same type of NSA hacking tool exploited by WannaCry and to identify ways to stop the onslaught. Researchers with multiple firms identified the ransomware as Petya, malware that makes computers inoperable by encrypting their hard drives and demands ransoms in exchange for a digital key to restore access. “It’s like WannaCry all over again,” said F-Secure Chief Research Officer Mikko Hypponen. He said it was highly likely the attack had exploited the NSA hacking tool and he expected the outbreak to be reported in the Americas soon, as workers turned on vulnerable machines, allowing the virus to attack. “Nothing is stopping Petya now. This could hit the U.S.A. pretty bad,” he said. The first reports of disruption emerged from Russia and Ukraine, with Ukraine’s Prime Minister Volodymyr Groysman describing the attacks on his country as “unprecedented”. An advisor to Ukraine’s interior minister said the virus got into computer systems via “phishing” emails written in Russian and Ukrainian designed to lure employees into opening them. In Russia, Rosneft, one of the world’s biggest oil producers, said its crude production had not been affected by the outage. The company’s website went down for at least two hours but was back up by 1450 GMT. “The hacking attack could lead to serious consequences, but the company has moved to a reserve production processing system and neither oil output nor refining have been stopped,” it said on Twitter. In Ukraine, Yevhen Dykhne, director of the capital’s Boryspil Airport, said it had been hit too. “In connection with the irregular situation, some flight delays are possible,” Dykhne said in a post on Facebook. Ukrainian Deputy Prime Minister Pavlo Rozenko said the government’s computer network had gone down and posted a picture on Twitter of a computer screen with an error message. The Ukrainian central bank said a number of banks and companies, including the state power distributor, were hit by a cyber attack that disrupted some operations. “As a result of these cyber attacks these banks are having difficulties with client services and carrying out banking operations,” the central bank said in a statement. Article compliments Reuters.