Police Investigating Hacking of JIS Website
By: June 25, 2015 ,The Key Point:
The Facts
- These are: Culture, Health, Arts, Sports, and Education (CHASE) Fund; G.C. Foster College; Social Development Commission (SDC); Houses of Parliament; and Jamaica National Commission for UNESCO.
- Mr. Robinson informed that the Jamaica Constabulary Force (JCF) has committed resources “to try and identify the source of this cybercriminal activity,” which occurred on June 22.
The Full Story
Science, Technology, Energy and Mining State Minister, Hon. Julian Robinson, says the police have commenced investigations into the hacking of the Jamaica Information Service (JIS) website, and those of five other entities, which the JIS hosts.
These are: Culture, Health, Arts, Sports, and Education (CHASE) Fund; G.C. Foster College; Social Development Commission (SDC); Houses of Parliament; and Jamaica National Commission for UNESCO.
Speaking with JIS News on Thursday (June 25), Mr. Robinson informed that the Jamaica Constabulary Force (JCF) has committed resources “to try and identify the source of this cybercriminal activity,” which occurred on June 22.
“We don’t know (as yet) whether it’s local (or) whether (it emanated from) overseas. (But) there were certain things that were posted, which we have to treat with seriously, as a country,” he said.
Mr. Robinson also advised that the Cyber Incidents Response Team (CIRT), which responded when the breach was identified, is continuing work to ensure that all potential “loopholes” are closed, “so that we can prevent future attacks.”
CIRT is comprised of technical officers from several Ministries, Departments and Agencies, including the JCF.
The State Minister, again, expressed satisfaction with the extent of work undertaken by the personnel involved, which ensured that the six sites “were restored within a couple of hours.”
“The reality of what we are dealing with…is very clear. As a country and as a Government, we are the target of…cybercriminals, and we are moving to ensure that we can implement common standards and measures to address the issue,” he stated.
In addition to the establishment of CIRT, comprising persons with extensive training and experience in cybersecurity, there is also the pending amendments to the Cybercrimes Act, acquisition of equipment, training of officers, and ensuring that systems are resilient and robust in the face of threats. Alerts and advisories are issued regularly as part of a set of established protocols.
A Chief Information Officer has been appointed to ensure that standards will be maintained across the Government and this would help with best practices.
Mr. Robinson also advised that a public education campaign is to be undertaken, to heighten awareness about cybersecurity.
The JIS website began to experience difficulties between 9:02 p.m. and 9:38 p.m. on June 22. It was taken offline for maintenance shortly thereafter and was restored by the JIS web team, which conducted recovery procedures within four hours.
Preliminary findings revealed that the attempts of the “hactivists” at breaching the system did not result in access to sensitive information, but was constrained to “surface defacement,” and no data was corrupted.
The CIRT team said that it has seen a number of activities from more than 500 blacklisted IP addresses used by cyberterrorists. They span several countries and took place within an hour.