April 5, 2022. Trinidad Express, a major news outlet, published an interview where Ricardo Martinez, Chief Revenue Officer, and Dorian Dyer, Vicepresident Business Development at DigitalEra Group, told Express Business how the issue of cybersecurity has become pressing with the world’s swift adaptation to digital during the Covid-19 pandemic.
Mr. Dyer told Express Business that in recent weeks there have been cyber attacks in Barbados and Saint Martin.
“That is more than usual. These attacks were done by big ransomware gangs. So we had two attacks in short order. That’s more than usual for the Caribbean. So yeah, we’re seeing an increase. Absolutely,” he said.
DigitalEra Group is a Florida-based, specialized solutions provider that offers Cybersecurity Consulting, Strategy, and Services, and has been in business for over 20 years.
Mr. Dyer describes cyber attacks as a scourge.
And with more companies having a digital presence because of the pandemic, he stressed the need for all companies, even SMEs to beef up their cyber security.
Ricardo Martinez, the company’s chief revenue officer pointed out that the cyber attacks have become more newsworthy because of their impact on the companies that are targeted.
“Security breaches have been happening forever. Now, it’s how the organization responds and the level of impact. Ransomware is a very unique type of attack because it really puts the company to a halt because everything is encrypted. There’s a tremendous amount of visibility. And also, a lot of organizations that are relying on digital technology today cannot offer that service so everybody is made aware—so if you have a bank that has your online banking and you’re trying to log into your bank account, and then all of a sudden it says we’re out of service, you kind of think that’s suspicious. So that obviously raises a lot of red flags.
“I think that’s the trend that you’ve been seeing, that since certain organizations are being impacted and get external visibility, that’s what makes it newsworthy. And that’s why more people are becoming aware of these types of events. It doesn’t mean that in the past, they haven’t had breaches or they haven’t had attacks or even malware in the organization. It’s just that it wasn’t as visible as it is today,” Martinez explained.
He observed that in the United States, companies have to disclose when there’s been a breach because there’s personally identifiable information.
“You’re required by law to provide those victims of their information being stolen with credit reports and credit access. In the region, we don’t necessarily have that,” Martinez added.
Is the region being targeted?
“I do think that the region is being targeted, I mean all organizations are being targeted. But obviously, when one is impacted and they do actually pay the ransom, it’s a great target for other hackers to go and try to get their piece of the pie and get paid,” said Martinez.
He said that unfortunately what happens is that companies pay the ransom in cryptocurrency.
He explained that when an attack actually occurs, it happens after the ransomware has been inside the organization for weeks or even months.
“They’ve been doing reconnaissance, finding out what critical information the organization has, looking to see if they have backups and making sure that they delete those backups. So at the time that they encrypt, it’s already too late. So when that organization says, okay, let’s just restore the backup like oh, wait a minute, we have no backups. So if they really want to restore information they either pay or they’re not going to get that data back,” he said.
He observed that paying the ransom is sometimes the only way to restore critical information.
Martinez said it’s one of the services which DigitalEra offers to its customers.
“These ransom organizations are very organized. It’s organized crime,” he said.
Martinez observed that while it’s a crime to be extorted, the wire transfer is the person’s choice.
Mr. Dyer said there exists no regulation which forbids payments to ransomware in the Caribbean and that there are limited to no consequences for cyber attacks.
“Every time there’s ransomware and there’s a breach, we try to get a copy of the code that was used to encrypt and to understand where is it coming from, who were the threat actors, and we kind of reverse engineer to find out... Oh, this was Russian-made or this was Chinese or this was by several characteristics within the code. But it’s kind of very difficult to really pinpoint it,” he said.
Roger Biran, English Caribbean territory manager for the group told the Express Business that the organization moved from being an indirect distributor of software to now a hands-on distributor during the pandemic.
“Through our vast experience, human resource expertise (including ex-NASA security experts), and partner engagements we have amassed a great understanding of the ever-evolving cyber-risk landscape. We consider ourselves thought-leaders and work closely with clients, including large governmental organizations, regional financial institutions, and many large-scale companies, to improve their overall cybersecurity risk posture,” he said.
But what guarantee do customers have with their security software?
“In cybersecurity, there is no guarantee, the most you can do is your best effort. And obviously, that’s kind of the approach that we’ve been addressing with our customers—really doing your best effort to make sure that things are secure and putting the best foot forward. For a lot of organizations, the vast majority of breaches could have been avoided by putting basic security controls as an example. A lot of organizations are still relying on a technology that’s 20 years old, and they haven’t updated to next-generation technology. There are over 3,000 security vendors out there and all of them have advanced technology and there are so many ways that adversaries are getting into organizations, that you really have to put your best foot forward and make sure that you’re addressing the majority of those in the best way possible. So as a guarantee, there is no guarantee but we can ensure that if we put the basic controls that we are much better than most,” said Martinez.
When hackers attack.
In October 2020 local conglomerate, ANSA McAL, was a victim of ransomware hackers who reportedly infiltrated some of the company’s IT systems. The attack apparently began at ANSA McAL’s operations in Barbados, specifically, the automotive sector.
One month after, the Port of Spain Corporation fell prey to a cyberattack, which delayed the ability of the Corporation to pay 1,300 daily paid workers on time.
Link to the original article published by Trinidad Express: https://trinidadexpress.com/business/local/cyber-attacks-in-the-region-on-the-rise/article_f6421100-b54e-11ec-8814-031485c6edf8.html
DigitalEra is a leading solution provider of network and cybersecurity products and services, serving major business, education and governmental agencies throughout the US. In addition to access to the most sophisticated and effective security products, DigitalEra provides expert guidance on use as well as ongoing security counsel and insights that help their clients prevent security breaches and mitigate threats. For more information, visit:www.digitaleragroup.com.