Rishard Khan

rishard.khan@guardian.co.tt

While the TTPS is in­ves­ti­gat­ing the bomb threat sent to sev­er­al schools yes­ter­day, cy­ber­se­cu­ri­ty ex­perts be­lieve find­ing the source of the email will be a chal­lenge for them.

The email, which Guardian Me­dia ver­i­fied through the TTPS, was sent from an ad­dress with an un­com­mon do­main. Ac­cord­ing to the do­main’s web­site, on­ly the user has ac­cess to their in­for­ma­tion.

“The in­for­ma­tion in our servers is not stored, sent or processed in an open form. We do not have ac­cess to the users’ pass­words and en­cryp­tion keys. All da­ta is en­crypt­ed on the client’s de­vice and then trans­ferred to us. This means that nei­ther we, nor any third par­ty can de­crypt the in­for­ma­tion we store and ac­cess the con­tents of let­ters or files with­out the user’s knowl­edge,” the email said.

Dig­i­tal an­thro­pol­o­gist at Cy­ber­safeTT Daren Dho­ray, who is fa­mil­iar with the site, said this will pose a chal­lenge to lo­cal au­thor­i­ties. He said this was not an in­dict­ment on the abil­i­ty of the TTPS but rather the com­plex na­ture of the do­main used.

“If it was a reg­u­lar email, you would have had greater chances of trac­ing it back. There are ser­vices such as (do­main name called) which al­low you to send, as it says, en­crypt­ed and anony­mous type emails. It was built for that pur­pose so that it’s very dif­fi­cult, I wouldn’t say im­pos­si­ble, but very dif­fi­cult to ac­tu­al­ly...trace,” he said.

“You’d more than like­ly have to get in con­tact with the com­pa­ny it­self and they will prob­a­bly not work with pro­tec­tive ser­vices be­cause they have built their sys­tems to be able to send un­trace­able emails.”

De­spite this, he said, the po­lice may be able to, at the very least, pin­point a ge­o­graph­ic lo­ca­tion where the threat orig­i­nat­ed.

Pri­va­cy Ad­vi­so­ry Ser­vices Lim­it­ed man­ag­ing di­rec­tor Rishi Ma­haraj shared a sim­i­lar sen­ti­ment. He does not be­lieve any­thing is “un­trace­able” but in­ves­ti­ga­tors’ chal­lenge will de­pend on the lay­ers used by the sender to hide their tracks.

Com­ment­ing on the lan­guage used in the email, Dho­ray said while all threats need to be tak­en se­ri­ous­ly, the gram­mat­i­cal er­rors present could in­di­cate the threat was trans­lat­ed from an­oth­er lan­guage.

“It seems to be a trans­lat­ed email. The Eng­lish is not straight­for­ward. So, I hope that the au­thor­i­ties don’t just take it to be...a joke, or a rea­son for stu­dents to stay home from school,” he said.

Ma­haraj be­lieves the lan­guage used was se­lect­ed specif­i­cal­ly to cause fear and pan­ic. He said he would not doubt that who­ev­er sent the email found a mes­sage on­line and tai­lored it for T&T.

“There are dif­fer­ent fo­rums that ex­ist on­line where you can go and get these kinds of things and just take it down and sim­ple, easy trans­la­tion tools you can use like Google trans­late to...see what it means and see whether or not this fits your fan­cy and then you just send it out,” he said.