Govt probes cybersecurity attacks on several ministries, State agencies

Govt probes cybersecurity attacks on several ministries, State agencies

https://www.guardian.co.tt/news/govt-probes-cybersecurity-attacks-on-several-ministries-state-agencies-6.2.2623562.5adb2bd024

Publish Date: 2026-07-09 22:17:00

Source Domain: www.guardian.co.tt

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points. Jesse RamdeoSe­nior Re­[email protected]­ern­ment is mon­i­tor­ing a se­ries of cy­ber­se­cu­ri­ty in­ci­dents that have af­fect­ed sev­er­al min­istries and State agency web­sites, with Min­is­ter of Pub­lic Ad­min­is­tra­tion and Ar­ti­fi­cial In­tel­li­gence Do­minic Smith as­sur­ing that in­ves­ti­ga­tions are un­der­way to de­ter­mine the ex­tent of the breach­es.The is­sue was first pub­licly high­light­ed by Trinidad and To­ba­go IT con­sul­tant Shiv­am Teelucks­ingh, who has been doc­u­ment­ing a re­cent in­crease in com­pro­mised web­sites across the coun­try and wider Caribbean.Speak­ing with Guardian Me­dia yes­ter­day, Smith said au­thor­i­ties are aware of the re­cent ser­vice dis­rup­tions but stressed that pre­lim­i­nary find­ings sug­gest they were not so­phis­ti­cat­ed, tar­get­ed cy­ber­at­tacks.“I’m aware of the ser­vice dis­rup­tions. Some are re­lat­ed to main­te­nance is­sues in­volv­ing third-par­ty ser­vice providers. The cy­ber in­ci­dents do not ap­pear to be tar­get­ed at­tacks but rather the ex­ploita­tion of known vul­ner­a­bil­i­ties by ma­li­cious bots,” Smith said.He added that the Trinidad and To­ba­go Cy­ber Se­cu­ri­ty In­ci­dent Re­sponse Team (TT-CSIRT) and oth­er rel­e­vant agen­cies are ac­tive­ly work­ing with stake­hold­ers to re­store ser­vices and in­ves­ti­gate the in­ci­dents.“At the mo­ment, TT-CSIRT and the rel­e­vant agen­cies are ac­tive­ly work­ing with stake­hold­ers to re­solve the is­sues. More broad­ly, this high­lights the need for a whole-of-gov­ern­ment ap­proach to strength­en­ing IT ser­vices, and work in that area is al­ready un­der­way.”Asked whether any sen­si­tive or per­son­al in­for­ma­tion may have been com­pro­mised, Smith said au­thor­i­ties have not yet reached a con­clu­sion.“There is an ac­tive as­sess­ment be­ing un­der­tak­en by agen­cies,” he stat­ed.The min­is­ter al­so sought to re­as­sure the pub­lic by not­ing that the af­fect­ed web­sites were not host­ed on the Gov­ern­ment’s Gov­Net in­fra­struc­ture.Mean­while, Teelucks­ingh said he has ob­served a sharp rise in cy­ber­se­cu­ri­ty in­ci­dents in re­cent months, at­tribut­ing much of the trend to cy­ber­crim­i­nals in­creas­ing­ly us­ing ar­ti­fi­cial in­tel­li­gence to iden­ti­fy weak­ness­es in web­sites.“Over the past cou­ple of months, I’ve no­ticed mul­ti­ple web­sites be­ing com­pro­mised, not on­ly Gov­ern­ment web­sites but web­sites across the is­lands and even from in­ter­na­tion­al clients,” he said.Ac­cord­ing to Teelucks­ingh, hack­ers are in­creas­ing­ly ex­ploit­ing out­dat­ed soft­ware, vul­ner­a­ble plug-ins and poor­ly main­tained servers to gain ac­cess to web­sites be­fore redi­rect­ing users to fraud­u­lent pages or dis­play­ing de­face­ment mes­sages.He point­ed to re­cent com­pro­mis­es in­volv­ing the In­dus­tri­al Court, the Ser­vice Com­mis­sions De­part­ment and the Hous­ing De­vel­op­ment Cor­po­ra­tion’s web­site, not­ing that each ap­peared to have been ex­ploit­ed dif­fer­ent­ly.In one case, a hack­er re­placed the web­site with a de­face­ment page, while an­oth­er redi­rect­ed vis­i­tors to an on­line gam­bling web­site.Al­though there is cur­rent­ly no in­di­ca­tion that cit­i­zens’ per­son­al in­for­ma­tion has been stolen in the re­cent in­ci­dents, Teelucks­ingh warned that com­pro­mised gov­ern­ment web­sites can still present sig­nif­i­cant risks.“Peo­ple trust gov­ern­ment web­sites. Once they’re redi­rect­ed else­where, they’re more like­ly to en­ter per­son­al in­for­ma­tion or fi­nan­cial de­tails with­out re­al­is­ing they’re deal­ing with crim­i­nals,” he ex­plained.He cau­tioned that at­tack­ers could ex­ploit pub­lic con­fi­dence by cre­at­ing con­vinc­ing phish­ing cam­paigns, sim­i­lar to pre­vi­ous scams in­volv­ing fake tax re­fund emails pur­port­ing to come from gov­ern­ment agen­cies.Teelucks­ingh said many of these in­ci­dents could be pre­vent­ed through rou­tine cy­ber­se­cu­ri­ty prac­tices, in­clud­ing reg­u­lar­ly up­dat­ing servers, patch­ing vul­ner­a­bil­i­ties and re­mov­ing out­dat­ed soft­ware.“The fun­da­men­tals are im­por­tant. If you’re up­dat­ing your servers, check­ing for vul­ner­a­ble plug-ins and main­tain­ing your sys­tems, you can mit­i­gate many of these sit­u­a­tions,” he said.While wel­com­ing the Gov­ern­ment’s ac­knowl­edge­ment of the in­ci­dents, the cy­ber­se­cu­ri­ty con­sul­tant be­lieves a broad­er re­view is nec­es­sary.“I think they need to do a full au­dit of gov­ern­ment ser­vices, whether host­ed by third par­ties or in-house, and dou­ble and triple-check every­thing, from lo­gins to plug-ins and serv­er con­fig­u­ra­tions,” he said.He al­so called for stronger co­or­di­na­tion across Gov­ern­ment agen­cies, say­ing in­con­sis­tent cy­ber­se­cu­ri­ty prac­tices could ex­pose cit­i­zens to un­nec­es­sary risks.Among the is­sues he high­light­ed was the re­port­ed use of gener­ic Gmail ac­counts for com­mu­ni­ca­tion in re­la­tion to some gov­ern­ment pro­grammes, ar­gu­ing that of­fi­cial cor­re­spon­dence in­volv­ing sen­si­tive per­son­al in­for­ma­tion should in­stead be con­duct­ed through ver­i­fied gov­ern­ment email do­mains.Teelucks­ingh said the re­cent in­ci­dents should serve as a re­minder that cy­ber­se­cu­ri­ty is no longer sole­ly a tech­ni­cal is­sue but a mat­ter of pub­lic trust.“I’m try­ing to work with any en­ti­ties will­ing to ad­dress these is­sues so we can mit­i­gate the risks. At the end of the day, the ob­jec­tive is to pro­tect cit­i­zens.”Au­thor­i­ties have not in­di­cat­ed when the af­fect­ed web­sites will be ful­ly re­stored, but in­ves­ti­ga­tions in­to the in­ci­dents and any po­ten­tial im­pact on users re­main on­go­ing.