Government Takes Action to Secure Public Sector Websites

The Government of Jamaica is taking urgent steps to ensure the security of public sector websites.

Speaking with JIS News, today (June 23), Minister of State in the Ministry of Science, Technology, Energy and Mining, Hon. Julian Robinson, said that “since a breach last year, we have acquired well needed equipment, trained a number of officers and have been focusing on ensuring that systems are resilient and robust in the face of threats.”

He pointed out that with the recent appointment of a Chief Information Officer, standards will be maintained across government and this would help with best practices.

Alerts and advisories are issued regularly as part of a set of protocols established when the last breach occurred. Last week an alert was issued advising Management Information Systems (MIS) officers about malware circulating on the Government of Jamaica’s network. This resulted in early containment of the spread.

“Implementation of the National Cybersecurity strategy is well underway with the training of key officers across government. These officers are a part of the Computer Incident Response Team (CIRT),” the State Minister added.

Mr. Robinson was speaking against the background of an attack on the website of the JIS late last night (June 22).

The State Minister explained that the National Cybersecurity Task Force met last week and should be meeting by Friday (June 26), to execute the other elements of the strategy. These are human resources and capacity building, technical measures, legal and regulatory framework and heightening public education and awareness of cyber security issues.

A team of investigators from the Communication and Cybercrime Forensic Unit and the Major Organised Crime and Anti-Corruption Agency (MOCA) of the Jamaica Constabulary Force (JCF), including Detective Inspectors Patrick Linton and Dwayne Daley and members of CIRT are at the JIS to assist the web team with identifying the source of attacks.

The team said that it has seen a number of activities from more than 500 blacklisted IP addresses used by cyber terrorists. They span several countries and took place within an hour.

The JIS website began to experience difficulties between 9:02 p.m. and 9:38 p.m. on June 22. It was taken offline for maintenance shortly thereafter and was restored by the JIS web team, which conducted recovery procedures within four hours.

Preliminary findings revealed that the attempts of the “hactivists” at breaching the system did not result in access to sensitive information, but was constrained to “surface defacement.” The Agency is confirming that no data was corrupted.

On June 17, hacker collective Anonymous claimed responsibility for taking several dozens of Canadian Government websites offline for hours. Earlier this year, Twitter and Youtube accounts of the US Central Military Command (Centcom) were hacked by a group calling itself the “CyberCaliphate.”

Hackers suspected to be part of the Middle East terror group, ISIS, claimed responsibility for the dangerous hack of US Defence Department accounts. The accounts belonged to the Pentagon and Centcom. Pro-ISIS hackers launched an ‘unprecedented’ wave of cyber-attacks on 19,000 French websites in January this year.