Dig­i­cel Busi­ness con­tin­ues to pump mil­lions of dol­lars in­to its cy­ber­se­cu­ri­ty ser­vices as the com­pa­ny has seen an uptick in fraud­sters not on­ly em­a­nat­ing from T&T but al­so East­ern Eu­rope, Rus­sia, Chi­na, North Ko­rea, and most re­cent­ly Brazil in South Amer­i­ca.

“We in­vest mil­lions of dol­lars an­nu­al­ly to pro­tect our­selves from cy­ber crim­i­nals,” David Es­ler, gen­er­al man­ag­er of Dig­i­cel Busi­ness T&T, told the Sun­day Busi­ness Guardian.

He said it is “ab­solute­ly vi­tal” for the com­pa­ny not to be­come com­pla­cent, adding that it works with the best cy­ber­se­cu­ri­ty en­ti­ties in the world to safe­guard its brand.

Es­ler shared the lat­est sta­tis­tics on cy­ber­se­cu­ri­ty im­pact­ing the re­gion and the coun­try not­ing, “In the Caribbean, you’ve al­ready heard that as at May 2022, there were 144 mil­lion cy­ber threats.”

Drilling fur­ther down in­to vul­ner­a­bil­i­ties dis­cov­ered in T&T, Fortinet’s An­ti-Bot­net ser­vices de­tect­ed ap­prox­i­mate­ly 400,000 threats as of May 2022.

Fortinet, a glob­al renown cy­ber­se­cu­ri­ty firm, de­scribes bot­nets as “a net­work of com­put­ers in­fect­ed by mal­ware un­der the con­trol of a sin­gle at­tack­ing par­ty, known as the “bot -herder.”

Each ma­chine un­der the con­trol of the bot-herder is known as a bot.

What makes bot­nets dan­ger­ous, ac­cord­ing to the firm is their abil­i­ty to con­trol an or­gan­i­sa­tion’s com­put­er and use it (the com­put­er) to car­ry out at­tacks.

“Think about the rev­enue im­pact on your busi­ness if a bot­net ma­nip­u­lat­ed your com­put­er or the com­put­er of a com­pa­ny with whom you do busi­ness,” Es­ler said.

“What would be the im­pli­ca­tions for your com­pa­ny if your sup­pli­er’s sys­tem mal­func­tioned and you can’t re­ceive the nec­es­sary in­puts or ser­vices to op­er­ate? What would oc­cur if it hap­pened to one or sev­er­al of your trad­ing part­ners? Do you want to wait to find out? You can fall prey to cy­ber at­tacks/cy­ber theft with­out be­ing aware or present,” he said.

Cy­ber Se­cu­ri­ty Ven­tures, a re­search firm on cy­ber­se­cu­ri­ty fore­casts glob­al cy­ber­se­cu­ri­ty spend­ing to sur­pass $US1.75 tril­lion from 2021 to 2025.

Ad­di­tion­al­ly, Price­wa­ter­house­C­oop­ers’ (PwC) 2022 Glob­al Dig­i­tal Trust In­sights showed that more en­ti­ties are ex­pect­ing their cy­ber bud­get to grow com­pared to pre­vi­ous years.

Of these com­pa­nies, PwC in­di­cat­ed that over a third of them project dou­ble-dig­it cy­ber-spend­ing growth.

Not­ing that cy­ber­se­cu­ri­ty af­fects every­one, not just Dig­i­cel Busi­ness or its cus­tomers Es­ler ad­vised, “It’s re­al­ly im­por­tant that when it comes to cy­ber­se­cu­ri­ty it’s not just peo­ple who can ac­cess the in­ter­net or the banks look­ing af­ter re­al­ly sen­si­tive in­for­ma­tion.

Cy­ber crim­i­nals don’t care who they at­tack. All they care about is be­ing able to cause chaos, con­fu­sion and try to mon­e­tise cy­ber crime.”

On whether these at­tacks have re­sult­ed in a loss of Dig­i­cel’s cus­tomer base he said this was not the case as the com­pa­ny con­tin­ues to work and pro­tect cus­tomers’ in­for­ma­tion to mit­i­gate at­tacks.

How­ev­er, he ad­mit­ted when these events oc­cur, it does cause some lev­el of rep­u­ta­tion­al dam­age in the busi­ness that has been im­pact­ed.

“It does cause a lack of cus­tomer trust, and it does cost fi­nan­cial im­pact as well, not just in pay­ing for ran­somware at­tacks, not just be­cause they’re of­fline and un­able to con­duct their busi­ness. So cus­tomers can go out of busi­ness and they can stop trad­ing be­cause of a cy­ber at­tack. But we do every­thing we can to pro­tect our cus­tomers,” Es­ler main­tained.

He cit­ed that in 2021, the high­est type of at­tacks glob­al­ly were sys­tem in­tru­sions, rep­re­sent­ing around 40 per cent. More and more, Es­ler added, at­tack­ers are try­ing to find “ze­ro-day ex­ploits” mean­ing they are re­search­ing ap­pli­ca­tions and en­vi­ron­ments, try­ing to ex­ploit them, and try­ing to gain ac­cess to them.

“Some­times an at­tack hap­pens or an at­tack­er gains ac­cess to your sys­tem and you don’t even know. They are just in the net­work for weeks or months ob­serv­ing, copy­ing out your in­for­ma­tion, and un­der­stand­ing your net­work be­fore they try to hit you with ran­somware.”

If there’s no prop­er mon­i­tor­ing this will nev­er be known.

“Or if you’re not do­ing the prop­er due dili­gence you’ll nev­er find this out. T&T is very vul­ner­a­ble to these types of at­tacks and at­tack­ers don’t care if the coun­try is large or small – the on­ly thing they see is your weak­ness­es and the po­ten­tial to make mon­ey from ex­ploit­ing a com­pa­ny’s ex­po­sure,” Es­ler added.

Al­so speak­ing with the Sun­day Busi­ness Guardian was Dou­glas Thomas, Dig­i­cel Busi­ness Pro­tect Cy­ber Se­cu­ri­ty Ex­pert who al­so not­ed that there’s been “ne­far­i­ous ac­tiv­i­ty” com­ing in­to T&T as he iden­ti­fied that threats gen­er­al­ly come from East­ern Eu­rope, Rus­sia, Chi­na, and North Ko­rea.

He not­ed that these are the largest ar­eas from which threats em­anate es­pe­cial­ly be­cause East­ern Asia is not sanc­tioned and there is no con­trol or reg­u­la­tion re­gard­ing tech­nol­o­gy.

“So you ba­si­cal­ly have all types of hack­ing tools and soft­ware be­ing de­vel­oped and there are no reg­u­la­tions on it,” Thomas said.

On the is­sue of how long a busi­ness may last af­ter be­ing ex­posed to a cy­ber at­tack, da­ta from a Dig­i­cel Busi­ness sur­vey showed 60 per cent of small busi­ness­es close with­in six months af­ter be­ing hacked.

How­ev­er, the gen­er­al man­ag­er for Dig­i­cel Busi­ness T&T not­ed that the length of time that a busi­ness re­mains op­er­a­tional af­ter falling vic­tim can vary great­ly de­pend­ing on the sever­i­ty of the at­tack and the re­sources avail­able for re­cov­ery.

In some cas­es, Es­ler said a busi­ness may be able to re­cov­er quick­ly from a cy­ber at­tack and re­sume nor­mal op­er­a­tions with­in a mat­ter of hours or days.

For ex­am­ple, he ex­plained if the at­tack is lim­it­ed to a sin­gle sys­tem or de­vice, the busi­ness may be able to iso­late and con­tain the prob­lem and re­store nor­mal op­er­a­tions rel­a­tive­ly quick­ly.

How­ev­er, in oth­er cas­es, a cy­ber at­tack can be much more se­ri­ous and can re­sult in ex­tend­ed down­time for a busi­ness.

For ex­am­ple, Es­ler said if a busi­ness’ en­tire net­work is in­fect­ed with mal­ware or its da­ta is en­crypt­ed by ran­somware, the process of re­cov­ery can be much more com­plex and time-con­sum­ing.

In such cas­es, it may take weeks or even months for a busi­ness to ful­ly re­cov­er from a cy­ber at­tack.

Es­ler said the length of time a busi­ness re­mains op­er­a­tional af­ter a cy­ber at­tack can al­so de­pend on the re­sources avail­able to the busi­ness for re­cov­ery.

For ex­am­ple, he cit­ed that a larg­er busi­ness with a ded­i­cat­ed IT se­cu­ri­ty team and ro­bust dis­as­ter re­cov­ery sys­tems may be able to re­cov­er from an at­tack more quick­ly than a small­er busi­ness with lim­it­ed re­sources.

Cy­ber at­tacks, es­pe­cial­ly those linked with scams have been preva­lent in T&T and the re­gion in the last few months - with no­table hacks oc­cur­ring in su­per­mar­ket chains and oth­er com­pa­nies.

It was on­ly this week that the Bankers As­so­ci­a­tion of T&T (BATT) is­sued a press re­lease warn­ing of an ac­count shar­ing false in­for­ma­tion about a part­ner­ship with com­mer­cial banks in T&T to so­lic­it funds from un­sus­pect­ing in­di­vid­u­als.

“This is a scam and is not sanc­tioned by or af­fil­i­at­ed with BATT or any of its mem­ber banks. If you have seen any of these posts, please ig­nore. This is a fraud­u­lent ad and nei­ther BATT nor its mem­ber banks have giv­en any ap­proval to any­one to act on our be­half with re­spect to any pro­posed in­vest­ment scheme,” the or­gan­i­sa­tion ad­vised.