BitDepthFeatured

Where hackers begin

3 Mins read
  • Hackers exploit vulnerabilities in technology, processes, and human behavior.
  • Government, manufacturers, vendors, and users must collaborate to address cybersecurity challenges.
  • Focus on fundamental security measures like backups, segmentation, antivirus, and firewalls.

Above: Huawei’s Gabriel Nunez. Photo by Mark Lyndersay.

BitDepth#1488 for December 09, 2024

“We realised, in almost every single [digital breach] incident, the first thing is the hack,” said Anthony Peyson, president of the regional chapter of ISC2 on November 30 at the association’s inaugural Scam Defence 2024 seminar.

“You can hack technology. We know about hacking technology where the hacker breaks into systems. You can hack a process. You don’t often find a spotlight on that. And you can hack a human.”

ISC2 is the merciful acronym for the International Information System Security Certification Consortium, a global collaboration of cybersecurity professionals.
The Caribbean chapter was formed earlier in 2024 in the face of the global surge in cyber threats.

According to Peyson, Latin America and the Caribbean have faced 137 billion cyberattacks in the first half of 2024 alone, a 50 per cent rise over the same period in 2023.

The Scam Defence seminar was the first of a planned annual symposium discussing developments in cybersecurity and the changing face of how access to personally identifiable information (PII) from companies and individuals is being engineered.

The regional chapter has determined that the biggest challenge the Caribbean faces is phishing (fake emails and web links) and smishing (fake SMS text messages), both facets of growing sophistication in social engineering techniques.

“We are here to raise awareness, to educate the public and to foster collaboration, we are community,” Peyson said.

Anthony Peyson speaking at the 2024 ISC2 Scam Defence seminar. Photo by Mark Lyndersay.

At stake is the vulnerability of growing digital and intelligent economies to hacker takedowns.

Gabriel Nunez, Huawei’s Cybersecurity and Data Protection Officer for Latin America and the Caribbean believes that economy will grow from US$3.6 trillion in 2020 to $18.8 trillion by 2030.

Nunez saw parallels between how traffic is handled successfully through a collaboration of government and regulators, manufacturers, vendors, users and system architectures that might better protect digital systems.

“Government and regulators develop laws and supervise enforcement, manufacturers produce qualified equipment to international standards, vendors are certified and follow the rules and users comply with laws and rules and avoid known dangers,” Nunez said.

“No one can solve the traffic problem. Alone, they will not solve the traffic problem. We all have to interact.”

The world is moving, though far more slowly than the Internet’s bad actors, toward that kind of collaborative thinking.

Digital nation strategies have been released by 170 countries and regions and more than 60 countries have elevated AI in their national strategy. Action plans for green development have been released by 151 countries and regions.

All 193 UN member states can contribute to the draft UN Convention against Cybercrime, which includes legal support to support the criminalisation and prosecution of 11 key cybersecurity crimes across all UN nations.

Meanwhile, Caribbean nations can also consider benchmarking against the Global System for Mobile Communications Association’s (GSMA) Network Equipment Security Assurance Scheme (NESAS), which has been widely adopted and the association’s Mobile Cybersecurity Knowledge Base (MCKB), which has been adopted by 13 countries.

From Mr Nunez’ presentation.

Both voluntary standards align with the telecommunications safety standards proposed by the 3rd Generation Partnership Project (3GPP).

There’s no shortage of acronyms and technicalities available in the backroom of technology, but the real challenge facing cybersecurity experts is balancing the need to explain the dangers that users face – both as individuals and on behalf of the companies they work for – with the diligence they need to safely work with internet-connected computers.

The consequences of failure for the region on this critical frontline are dire.

“When we go in and we do a root cause analysis to figure out exactly what happened, what we realize is that it’s very small things that add up all together and lead to a full compromise,” said Anish Bachu, Manager of the TT Cybersecurity Incident Response Team.

Anish Bachu, Manager, TTCSIRT. Photograph by Mark Lyndersay

“So when we’re looking at defending ourselves, the emphasis should be on doing the basics well. We [should] have good backups, good [network] segmentation, antivirus and firewalls in place.”

“As soon as we see (a phishing attempt) on social media, our team acts to have the links they lead to taken down. That’s part of our responsibility right there.”

“Phishing that takes you to a particular site, we act to take that site down as soon as we are aware of it. So even if somebody comes after and clicks on the phishing link, it goes nowhere.”

According to Bachu, there were 52 breaches reported to the TTCSIRT in 2023 and 78 so far in 2024. He estimates that unreported breaches will increase those numbers by 20 per cent.

In addition to greater user awareness, there needs to be clearer reporting lines to action teams like TTCSIRT for the public and more active internal reporting of dubious messages and texts within companies.

Next week, the hacks that keep regional cybersecurity professionals awake at night.

Where hackers begin

Where hackers begin

Digital nation strategies have been released by 170 countries and regions and more than 60 countries have elevated AI in their national strategy.
Read More
Blue skies for microblogging?

Blue skies for microblogging?

Bluesky hit its current high of 23 million users faster than expected, but it’s way behind X.
Read More
The apps that thrive in Apple’s ecosystem

The apps that thrive in Apple’s ecosystem

By Apple's own yardstick an app that shares usable data across three devices is acceptable one that synchronises with four is a winner.
Read More
America’s open mic moment

America’s open mic moment

What made online pundits so effective in the US election?
Read More
The press and the president-elect

The press and the president-elect

Beyond the president-elect's often-expressed intent to retaliate against journalists he believes are unfairly attacking him is the agenda of Project 2025.
Read More
All washed up

All washed up

Dirt on its own will simply shake out of fabric. What keeps it in place is oil and grease, readily generated by human skin.
Read More
The state of Caribbean digital transformation

The state of Caribbean digital transformation

Despite 87 per cent believing that digital will disrupt their industry, 87 per cent acknowledged that they don't have the right leaders
Read More
The WordPress War

The WordPress War

WPEngine and the websites of its customers were blocked from the WordPress log-in system theme and plug-in updates and other background processes that enable a Wordpress website.
Read More
A budget of concrete and asphalt

A budget of concrete and asphalt

Four years after Hassel Bacchus took up the pioneering role of Digital Transformation Minister, the 2025 budget could not identify any completed transformation project that's positively affected citizens.
Read More
Arima’s first step toward becoming a smart city

Arima’s first step toward becoming a smart city

The public WiFi was officially activated on September 28 at the hospital, and it's fast. A local ping registered 250 megabits of download speed and 126 for upload.
Read More
Now hear this!

Now hear this!

Budget headsets will effectively dampen ambient sounds, but tend to be an all or nothing solution.
Read More
A taxing time for all

A taxing time for all

Tax collection began using the least customer-friendly interface imaginable, lines outside a government building.
Read More
Mobile devices, a war of increments

Mobile devices, a war of increments

Mixing and matching the two rival ecosystems is essentially impossible, so it's the utility of the products combined that makes the biggest difference.
Read More
Why cash is king in Trinidad and Tobago

Why cash is king in Trinidad and Tobago

In 2017, 16 per cent of users owned a credit card, a figure that dropped to 15 per cent by 2023.
Read More
I shopped at Temu!

I shopped at Temu!

Temu is great fun to explore and offers many bargains but product quality can be wildly variable.
Read More
What’s needed to make e-Governance happen?

What’s needed to make e-Governance happen?

“If we look at successful governments that have achieved a certain level in of success in these programs, some things stand out."
Read More
Changing the education conversation

Changing the education conversation

There are local schools that aspire to continuous improvement and others that struggle to make it through a working day without bloodshed.
Read More
Practical steps to reducing cybersecurity risks

Practical steps to reducing cybersecurity risks

The process, to be effective, must be ongoing and managed to ensure that vendors meet required standards.
Read More
The consequences of careless code

The consequences of careless code

The cruel reality of Crowdstrike is that it wasn't a cybersecurity attack. It was a quality of service lapse and the incident puts IT professionals in an odd space.
Read More
What leaders are doing to enable digital transformation

What leaders are doing to enable digital transformation

If people in your organisation are coming to you, telling you we need to change these things, you really should listen.
Read More
Where hackers begin Where hackers begin
Blue skies for microblogging? Blue skies for microblogging?
The apps that thrive in Apple’s ecosystem The apps that thrive in Apple’s...
America’s open mic moment America’s open mic moment
The press and the president-elect The press and the president-elect
All washed up All washed up
The state of Caribbean digital transformation The state of Caribbean digital transformation
The WordPress War The WordPress War
A budget of concrete and asphalt A budget of concrete and asphalt
Arima’s first step toward becoming a smart city Arima’s first step toward becoming a...
Now hear this! Now hear this!
A taxing time for all A taxing time for all
Mobile devices, a war of increments Mobile devices, a war of increments
Why cash is king in Trinidad and Tobago Why cash is king in Trinidad...
I shopped at Temu! I shopped at Temu!
What’s needed to make e-Governance happen? What’s needed to make e-Governance happen?
Changing the education conversation Changing the education conversation
Practical steps to reducing cybersecurity risks Practical steps to reducing cybersecurity risks
The consequences of careless code The consequences of careless code
What leaders are doing to enable digital transformation What leaders are doing to enable...

🤞 Get connected!

A once weekly email notification of new stories on TechNewsTT. Just that. No spam.

Possible UI Glitch. Click top right corner to dismiss 👉

Get Connected!

A once weekly email notification of new stories on TechNewsTT.

Just that. No spam.

Related posts
Press Releases

Samsung extends Knox security to its home appliances

2 Mins read
Knox Matrix is a security solution that comprehensively protects connected devices and networks using private blockchain technology.
BitDepthFeatured

Practical steps to reducing cybersecurity risks

4 Mins read
The process, to be effective, must be ongoing and managed to ensure that vendors meet required standards.
BitDepthFeatured

The consequences of careless code

5 Mins read
The cruel reality of Crowdstrike is that it wasn’t a cybersecurity attack. It was a quality of service lapse and the incident puts IT professionals in an odd space.
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
×
BitDepthFeatured

Flexxon introduces silicon-level cybersecurity protection to TT

0
Share your perspective in the comments!x
()
x