Guernsey Firms Told To Prepare For Cyber Threat
by Jason Gorringe, Lowtax.net, London
14 August, 2015
Guernsey firms that rely on maintaining internet access have been encouraged to check they have appropriate cyber security safeguards, following an attempt by a criminal group to target and extort Guernsey firms.
The attempts – while unsuccessful – were made by a group of highly sophisticated cyber criminals and highlighted that Guernsey companies must be prepared for this type of attack, Guernsey Police said.
According to Guernsey Police, during the last 12-18 months an organization calling itself DD4BC has been targeting various companies - ranging from online casinos to banks - with 'distributed denial of service' attacks (DDoS), which can take websites offline. DD4BC has been increasing both the frequency and scope of its DDoS extortion attempts, shifting targets from bitcoin exchanges to online casinos and betting shops and, most recently, to prominent financial institutions across the United States, Europe, Asia, Australia, and New Zealand. Guernsey Police said the group blackmails companies by demanding bitcoin payments to avoid their central services being subjected to DDoS attacks.
Guernsey Police said DD4BC had emailed an extortion notice to several local firms, followed by an active demonstration of their capabilities. Regarding the demonstration, DD4BC reportedly says in its emails: "Don't worry, it will not be hard and will stop in 1 hour. It's just to prove that we are serious."
The Guernsey Government said: "While none of the attempts – all made during the last six weeks – have been successful, the instances highlighted the importance of Bailiwick companies being prepared. We would recommend that any local firm reliant on maintaining internet access employs anti-DDoS technology. We would also encourage any company that believes it is being targeted to alert both their service provider and Guernsey Police."
On August 12, the States of Guernsey, in partnership with Guernsey-based international experts Ascot Barclay Group Ltd, launched a cyber-security survey, which aims to better understand the threat profile to islanders, business, and government from a digital perspective. Islanders and are being asked to complete the online survey, being hosted on the Government's website.
Colin Vaudin, Chief Information Officer for the States of Guernsey, said: "The States of Guernsey has already launched the Smart Guernsey agenda, which aims to deliver greater digitization of government services - to the benefit of islanders, service users, businesses, and states employees. To support that, we are developing a cyber-security strategy, which will identify potential threats not just to areas such as data and systems that will be part of digital government, but also potential threats to the island's critical infrastructure. That includes communications, emergency services, energy, finance, food, public services, healthcare, transport, and water."
"Moving towards e-government means that greater consideration is required around security to ensure resilience and build trust in e-government... we have a responsibility to identify those risks and to protect our community - we cannot afford to be complacent. Cyber-crime can cause its victims serious financial and reputational damage."
See all of today's news