Looks like attacking Jamaican Government websites is
a thing these days.
Back in March 2016, Minister of Science, Energy and
Technology Dr Andrew Wheatley, ordered a security audit of Government websites
as reported in the article “Wheatley
orders security audit of government websites”, published Tuesday, March 29,
2016, The Jamaica Observer.
This was most likely a knee-jerk reaction to the
hacking of the Ministry of Transport and Works website in February 2016 as
detailed in my blog
article entitled “How
Islamic Cybergroup Team Emirates hacked the Ministry of Transport and Works”.
Most likely, this report may have been the final
version of the preliminary Cyber Incident Response Report that then State
Minister of Science, Energy and Technology Julian Robinson had received from the CIRT (Cyber Incident
Response Team) as reported in the article “Robinson
receives report on gov't website hacking”, published Tuesday, January 27,
2015, The Jamaica Observer.
So has this made Jamaican Government websites any
safer?
Results
of the Cyber Incident Response Report - Culture of not caring about
Cybersecurity has to change
This Cyber Incident Response Report seems to not
have made much difference, as the vulnerability of most Jamaicans websites
isn't the websites itself; it’s the Government workers using the computers.
This was evident Monday June 22nd, 2015 when it was
reported that the JIS (Jamaica Information Website) was hacked by alleged ISIS
terrorists as noted in my blog article
entitled “Anatomy
of ISIS hack of the JIS Website - How the @JISNews Website was hacked and Why
Hactivists couldn't access sensitive GOJ Databases”.
The habits of Jamaica Government workers to click on
links in emails that look like PDF attachments with files that do not have a
*.pdf extension is the main problem. Educating Jamaica Government workers to be
more cautious is key.
They need to be more Cybersecurity-conscious and
call their IT Security people if they spot emails with attachment or links that
they do not know would also be very helpful as argued in my blog article
entitled “GOJ
securing Government Websites against Hackers - Linux-based GovNET to remove
Windows vulnerabilities and change Human Behaviour”.
This, however, is not being done, as many Jamaica
Government workers are going through the motion of work and often do not bother
with being concerned about Cybersecurity. So the culture of the Jamaica
Government workers within these various agencies, Executive bodies and
Government Ministries has to change.
No comments:
Post a Comment
Please register and leave you comments. For contact, leave an email or phone number and I'll be sure to get back to you.