Twenty years ago, who would have imagined that today, when the President of the
USA sat down with his Chinese counterpart, the number one item on the agenda
would be cyber security? Over the past few months these countries have both
accused each other of industrial espionage (spying). The US claims that nearly
40 Pentagon weapons programs and other defense technologies were compromised by
China earlier this year. Even Google has been hit by China. The Chinese,
conversely, have accused the US of hacking into their defense ministry, even
releasing IP addresses of the US attackers. Should Saint Lucia and the rest of
CARICOM take heed of these talks? Or do we believe that we are immune to these
kinds of attacks?

That the US (in conjunction with Israel) infiltrated Iran’s nuclear program with
a worm called ‘Stuxnet’, setting back the program a number of years, is also no
secret – another clear demonstration of the power of computer programmers.

My own Internet router at home was the target of an attack a few months ago. I
was alerted to this happening only after I noticed a dramatic decrease in my
Internet speed. I had negligently left my router with the default login
credentials (the well-known “username” and “password” (admin; admin)) -
something which I am fully aware is not best practice and preach against to my
friends all the time. This enabled an attacker on the Internet to log on to my
router, copy and run a program on it, making me part of a larger malicious
network, for the purposes of launching a Denial-of-Service (DoS) attack on a
third party. Of course, in the end, I learned that you should ‘practice what you
preach’ and ‘procrastination does not pay!’.

In an increasingly automated world, cyber-attacks can literally bring the world
to a halt! Attackers can now interrupt the power grid, interrupt the flow of
oil, shut down banks, manipulate air traffic, take down complete
telecommunication networks and so on - all from the remote comfort of their
homes – on as little as a cellphone - be it from Alaska, Australia, Timbuktu or
Saint Lucia.

Recently, the Caribbean Association of Banks (CAB) issued a security alert in
connection with a breach at a data center in Barbados. Several banks and
financial institutions were affected, according to the release. This caused
several banks (including some based in Saint Lucia) to issue new credit cards to
clients. Similarly, a nationwide credit-card recall across all banks was
triggered a few months ago, following a security breach in the Bahamas.

Vulnerabilities are discovered almost every day in the various operating systems
(OS): Windows, Linux, OS X, Android, iOS, Blackberry OS, etc. These zero-day
vulnerabilities (i.e. previously unknown vulnerabilities) inevitably put us in a
state of constant risk. You are almost helpless against attacks targeting such
vulnerabilities until a ‘fix’ is released by the experts.

So how can you protect yourself? How do you mitigate these ever-present risks?
As smart as a computer is, nothing beats human perception. Always be on the
lookout for suspicious emails and websites. Even the best security software
won't protect you when you are careless (whether intentionally or naively). Are
your passwords strong enough, do you change them periodically, and do you use
distinct passwords on different accounts? Is your firewall up and running? Is
your antivirus up to date? Have you run a complete system scan lately? Do you
use additional anti-malware software to support your antivirus? Have you
installed the latest OS patches from the manufacturer? Do you encrypt your most
confidential data? Did you know that your ‘smart’ phone is actually a
mini-computer and as such should be treated as what it is – a computer? A
malicious cell phone app (even from legitimate sources such as Apple Store,
Google Play, or Blackberry App World) can steal your contacts, SMS messages,
credit card information, pictures and any other data stored on your phone and
upload it, without your knowledge, to a remote location anywhere around the
world. Be careful! Be alert! If not certain, seek the assistance of a security
expert.