Local News Cyber attacks under-reported Marlon Madden09/07/20210377 views As cyber attacks surge and fraud schemes become more rampant in Barbados, officials are warning of the need for greater vigilance and oversight. Additionally, Information Risk Management Specialist Dwight Robinson has recommended that laws be introduced in Barbados to mandate companies to report cyber attacks so that the effects can be better understood and mitigated. “Here in Barbados we don’t have regulations that say attacks must be reported so it is difficult to quantify how prevalent attacks are here in Barbados. But I think since 2018 or so we have seen a couple attacks on supermarkets and individual firms, but the actual quantity is not numbered so we don’t know how prevalent they are,” said Robinson. “So we don’t know how many companies are being attacked, what kinds of attacks are prevalent and I think that is one thing that is lacking, that framework that requires that attacks on companies be reported to give a sense of businesses at least knowing how vulnerable they are and how prevalent attacks are here in Barbados, so they could know this is serious and ‘I am not a small company anymore. I am not just a five-employee organisation but I am equally vulnerable to attacks as well’,” he said. Robinson was addressing the third session of the 2021 Domestic Financial Institutions Conference on Thursday, which was co-hosted by the Central Bank of Barbados and the Financial Services Commission (FSC) and held online under the theme Navigating Risk in the Financial Sector. He said over the past year there has definitely been a marked increase in cyber attacks “in Barbados and globally”. “Right now it feels like the Wild Wild West when it comes to cyber attacks,” he said. “Every day you turn on the news there is a new attack on some company or some physical infrastructure. It is in hospitals, law firms even the [Metropolitan Transportation Authority] system in Europe was attacked recently.” Pointing out that attackers were becoming more sophisticated, he warned local businesses leaders and individuals to be cautious and do what they could to escape such occurrences. “I think for us here in Barbados we have to consider that we are not immune,” he stressed. “These organisations, if I may call them that, are actually criminal enterprises. They are not just lone wolves out there on the internet looking to attack individuals. These are criminal enterprises. That is the structure right now and that is one of the reasons they can have such a far reach in terms attacking companies and individuals across the globe,” he explained. Robinson, who is the Assistant Manager in Risk Advisory at Deloitte, said between 2014 and 2017 there was an obvious increase in attacks of a financial nature, which he said was due especially to the growth in cryptocurrency and bitcoin use. He also warned that with more people working remotely over the past year – taking them away from their companies’ network – this created a higher risk for cyber attacks. “They are most likely to click on an email and not pay attention that is something malicious. They might also have a laptop that doesn’t have up-to-date software, and that then exposes the organisation as well. So it has been a difficult time for organisations and it has been like Christmas for criminals.” Robinson recommended that individuals better manage their passwords, be sceptical about emails that come with attachments and double-check and triple-check social media messages before clicking on links or giving out personal information. Meanwhile, Director of Risk Analytics at the FSC Gayle Marshall cautioned individuals to seek information from reputable sources before getting involved in various “investment” schemes that were being widely advertised. She said it was no secret that over the past several months a number of residents have been losing their money to the newer types of ventures including the controversial “blessing circles” and its more popular kin, the pyramid scheme. “In this current environment there are not a wide variety of products for persons to invest in and the COVID pandemic has created quite a bit of uncertainty with increased unemployment, job security and increased credit risk at the financial institutions. So what has been happening is that there have been newer types of investment products entering the market, some of which are not yet regulated and therefore have a higher potential of exposure to risk,” she explained. Marshall urged individuals to get as much information as they could about any investment scheme from reputable sources before getting involved. “Social media is being widely used to spread marketing information about the products and the schemes, but it doesn’t necessarily spread as much of the risk information that is usually communicated if persons actually use the proper channels and go to the people who have the knowledge to explain the risk properly to them. An example of this would be the blessing circles. Those have been very controversial over the past few months and something that is getting quite a bit of attention from the regulators,” said Marshall. Last month, officials of the Fair Trading Commission (FTC) indicated that they would be looking at the possibility of putting a regulatory framework in place to deal with those schemes. (MM)