Anyone attempting to access the Ministry of Public Infrastructure website last evening was greeted by a message declaring the space owned by Egyptian Hackers, a development which has crystalized a fear expressed by local technological experts that Government’s Cyber security is not up to par.
“It shows how porous the security/infrastructure is at the moment. The government is making moves to digitize agencies and put government services online and this shows that all those services would be vulnerable,” Rowen Willabus, who publicized the breach, told Stabroek News last evening.
Willabus who is a Chief Executive Officer (CEO) of Intellect Storm (IS), a local IT solutions company has for more than a month been attempting to draw attention to the cracks in government’s security infrastructure.
On April 12 he noted on his Facebook page that “With our new found wealth, government and private entities in Guyana will become bigger targets on the internet and attention must be placed in cyber security.”
This post followed one a week earlier where he identified a hack of the Ministry of Finance (MoF) website. The compromised site was infecting computer systems of visitors with Malware. In that post Willabus called on MoF to get their website “in order”. One week later they appeared to have done so.
He told Stabroek News that often these hackers are simply doing this for “fun.”
What they did was scan parts of the internet for servers with vulnerabilities” and for no other reason other than fun they can destabilize essential services, he explained.
In Guyana’s case an increased international profile could bring more attacks as “people will start targeting our systems, aiming for access to information and the presence of oil will make it worse.”
Asked to describe a worst-case scenario, he cited a loss of all data at the Guyana Revenue Authority (GRA) which is the main repository of financial information for both individuals and companies. He noted that in the case of the MoF infection the possibility existed for the malware to compromise their internal servers allowing the attacker to then gain access to the internal systems and all the data stored there.
Willabus further explained that the recently tabled Cybercrime Bill does not cater for any such attacks and stressed that in Guyana, “we don’t have the necessary skill to investigate and charge anyone as it is cross border”