The Tribune

By RIEL MAJOR

IN the wake of hackers demanding a ransom from the Broadcasting Corporation of the Bahamas, the Democratic National Alliance (DNA) is calling for a “comprehensive vulnerability and penetration test” to determine areas of weakness within the BCB’s IT system.

In a press statement, officials from the DNA said the recent cyber-attack raises serious concerns about the continuation of the business and the recovery framework of the BCB.

“We appreciate that paying the requested ransom may not be in the overall interest of the BCB and the country as such a payment may be used to fund further cyber criminality or terrorism. However, the Bahamian people remain in the dark on the overall strategy or course of action that the government has adopted to bring normalcy to the BCB’s operations,” said the DNA statement.

“As a further precaution, we recommend that training sessions are held for staff to alert them to the instance of phishing tactics included in malicious attachments that may come via email or other sources.

“The board and management of the BCB must immediately disclose whether a robust business continuity plan (BCP) exists for the organisation and its effectiveness. In the absence of such a framework, the BCB should move swiftly to draft and implement a BCP and disaster recovery plan (DRP), which among other things articulates a contingency plan for cyber-attacks and other operational disruptions.

“Such a plan may also call for the update of computer and operating systems, installation and updates of anti-virus and anti-malware software, or conversely installation of artificial intelligence software, regular backup of important files, proper vetting of vendors and their approach to cyber security as well as relevant insurance coverage among other things.”

Mike Smith, BCB chairman, said yesterday most of the recommendations suggested by the DNA are in progress and reminded the general public that this is an active criminal investigation.

Mr Smith said: “We are assisting the police and not releasing too much information at this time as it might assist persons that wish to do the corporation harm.

“We will issue a full and proper statement in due (time)...once we are satisfied that we are in the position to do so without negatively affecting the cooperation. All of the relevant information that has been suggested by the DNA spokesperson will in fact be addressed.

“The corporation is taking this matter very seriously and our staff and other advisers working pretty much continually to get us back to normal. We are making significant progress I’m pleased with the progress we are making and will report to the public in short order.”

On January 14, hackers demanded a ransom from the BCB after taking control of radio servers at ZNS. At the time, Mr Smith confirmed to The Tribune the organisation’s servers were hit sometime before noon.

Last week, Minister of National Security Marvin Dames said police sought assistance from “international partners” in response.