COMMITTEE ON HEMISPHERIC SECURITY- “Special Security Concerns of small island States of the Caribbean” Presented by Kerry-Ann Barrett Ministry of National Security April 22, 2013 The nature of cyber security in T&T The nature of cyber crime in T&T The work of the Cabinet-appointed IMC • The National Cyber Security Strategy • The Cybercrime Policy and Bill National Efforts in public awareness An Assessment of the Challenge Next Steps Isolated incidents are treated on an ad-hoc basis either by the ISPs or computer related departments in the government. There is a cybercrime unit within the Trinidad and Tobago Police Service, which has responsibility for investigating all cyber crime and computer related crimes The Ministry of National Security has the oversight for the development of the policy and governance framework for cyber security. Reliance on ISPs to provide support and knowledge sharing on best practices and security awareness. High need for training of individuals in cyber security Cyber security initiatives and development of legislation to address cybercrime are currently in progress and are being co-ordinated by an Inter-Ministerial Committee appointed by Cabinet to develop a coordinated approach to cyber security Trinidad and Tobago ranks 112 out of 114 countries in relation to laws on ICT and 101 out of 104 in relation to ICT use and Government efficiency according to WEF Global Information Technology Report 2013 Ministry of Science and Technology is responsible for national ICT policy and management of the government ICT backbone. Pursuit of rationalization and centralization of Government's infrastructure Moving towards a shared services framework which would involve increased requirement for security, stability and resilience. Recent incidents in Trinidad & Tobago: Cyber bullying Unauthorised access: Government websites defaced / hacked Data Leaks Skimming Money laundering Spam, Phishing Scams, Malware Areas susceptible to compromise by cyber criminals: • online banking and financial networks; • online government services such as TTBizLink; • real-time information systems of power plants and pumping stations etc.; • revenue-generating oil, gas and petrochemical infrastructure; • air transport and public ground transportation. The Trinidad and Tobago Police Service established a Cyber Crime Unit in 2008 It is the national provider for all cyber crime services Staffed with highly skilled professionals Proactive internet investigations including computer crime and Smart Phone related crimes Undertakes public awareness through lectures and presentations to schools and any interested persons The CCU utilizes Interpol and Europol Training and best practices as well as the United States Anti Terrorism Assistance (DS ATA ) Training and DOD standards Reports of technology based crimes are made to Police Stations/ Sections of TTPS. Requests from investigators are sent via telephone, e-mail or written correspondence to the Head of CCU. Requests are stored on CCU database before being assigned by the HOD for processing /analysis A group of specially trained police officers who report directly to the HOD. Assists investigators in the following areas : Cell phone triangulation Wireless investigations Live Data Forensics CCTV Footage retrieval Identification and Seizure of Digital Evidence Increased manpower so as to increase overall productivity and quality of investigation. Increased investment in Digital Forensic Equipment to increase detection and deter would be Cyber Criminals. Develop and strengthen relationships with law enforcement across various jurisdictions to effectively apprehend perpetrators. Established by Cabinet in March 2010 Began operations in April 2011 Given a period of twenty four months to complete its mandate To develop a coordinated National Cyber Security Strategy and Action Plan To facilitate, guide and ensure the enactment of a national Cybercrime Act To facilitate, guide and ensure the implementation of a National Computer Security Incident Response Team (CSIRT) To establish an implementation mechanism that would have legislative authority to develop and enforce cyber security regulations To create a mechanism/framework that ensures that risk/vulnerability assessments of each Ministry’s cyber infrastructure and cyber security plan are conducted regularly Core Committee • Ministry of National Security (Chair) • Ministry of Science and Technology • Ministry of Tertiary Education and Skills Training- • • • • • • University of the West Indies Ministry of Public Administration Ministry of the Attorney General Ministry of Public Utilities Ministry of Energy and Energy Affairs Ministry of Finance and the Economy National ICT Company Ltd. (iGovTT) Sub Committees: • Ministry of Health • Ministry of Education • Ministry of Legal Affairs • Ministry of Foreign Affairs • Ministry of Transport • Telecommunications Authority of Trinidad and Tobago National Strategy Culture and International Cooperation IMC Government/ Civil Society and Private Sector Collaboration Incident Manageme nt Legal Developed and obtained approval for National Cyber Security Strategy (December 2012) Developed and obtained approval for a National Cybercrime Policy (February 2013) Coordinated the work of a HIPCAR Consultant which resulted in the development of a Draft Cybercrime Bill Capacity building and government stakeholders HIPCAR and proposed CCI) training for (OAS/CICTE, Approved in December 2012 To create a secure digital environment that will enable all users to enjoy the full benefits of the Internet; To provide a governance framework for all cyber security matters by identifying the requisite organizational and administrative structures necessary, inclusive of human resources, training and capacity building and budgetary requirements; To protect the physical, virtual and intellectual assets of citizens, organizations and the State through the development of an effective mechanism that addresses and responds to cyber threats regardless of their origin; To ensure the safety of all citizens by promoting awareness of cyber risks and developing effective and appropriate protective measures to mitigate such risks and attacks; To prevent cyber attacks against critical infrastructure and secure information networks by building competency among primary stakeholders and the general public; To minimize damage and recovery times from cyber attacks through effective incident management measures; and To create a legal and regulatory framework to maintain order and protect the privacy of users and criminalize attacks in cyberspace. Governance: The fundamental goal is the establishment of a Trinidad and Tobago Cyber Security Agency (TTCSA) as the main body responsible for all cyber security matters, and the coordinating centre for all cyber security operations. Incident management: The establishment of Computer Security Incident Response Team (TT CSIRT) as a national focal point for incident reporting, incident management and incident response. Collaboration: The establishment of public-private/civil society partnership in securing Trinidad and Tobago’s cyber infrastructure, as well as the promotion of cooperation with international organizations Culture: Awareness raising, training and education in cyber security throughout the country. Legislation: The drafting and enactment of relevant cybercrime legislation to criminalise appropriate offences, prosecute offenders and protect citizens. Anti-Terrorism Act (as amended), 2005 Computer Misuse Act, 2000 (Cybercrime Bill) Children's Act (as amended), Chap 46:01 Dangerous Drugs Act, Chap 11:25 Electronic Transfer of Funds Crime Act, 2000(to be amended) Evidence Act (Section 14B) Extradition (Commonwealth and Foreign Territories)Act, 1985 Financial Intelligence Unit of Trinidad and Tobago Act, 2009 Interception of Communications Act, 2010 Mutual Assistance in Criminal Matters Act (as amended) Offences Against the Persons Act, Chap 11:08 (Section 30A) Proceeds of Crime Act, Chapter 11:27 Trafficking in Persons Act, 2011 Telecommunications Act (as amended), Chap 47:31 Ensure a coherent strategy in the prevention, investigation, prosecution and sentencing of computer crime and cybercrime in Trinidad and Tobago Enable Trinidad and Tobago to participate in the international endeavour to fight against transnational computer crime and cybercrime. Inform the preparation of a legislative framework for the deterrence and prosecution of cybercrime Prevention and Awareness Raising Criminalization of offences related to computer crime and cybercrime Institution of investigation mechanisms Use of electronic evidence in prosecution Creation of an environment that defines the obligations and restricts the liability of ISPs Repeal of the Computer Misuse Act (2000) and replace with the Cybercrime Act Offences: • Offences against the confidentiality, integrity and availability of computer data and computer systems • Content-related offences • Copyright-related offences • Computer-related offences In 2009, TATT produced a drama/discussion programme entitled ‘Cyber Dangers’ which included participation from the TTPS Cybercrime Unit April-June 2012, MSTTE embarked on nationwide school tour which addressed inter alia, online responsibility and safety October 2012 TATT presented to several schools on the dangers of Cyberspace April 2013 TATT hosted two technical workshops on IPV 6 and DNS Security for Servers and Router Security Software (RPKI). The workshops focused on expanding attendees’ understanding of IPv6 which replaces the current Internet protocol IPv4, as well as the use of DNS Security Extensions (DNSSEC) technology and Resource Public key Infrastructure (RPKI) for protecting local Internet users from cyber criminals. Ministerial Steering Committee on ICT to address governance and to ensure prudence and demonstrable value in ICT investment There is evidence to show that cyber attacks are growing in sophistication, frequency and gravity Impact difficult to quantify as victims very often fail to report incidents Lack of resources (human and financial) Lack of technical capacity Lack of coordination within the country Lack of knowledge: • Work of the IMC across the public (and private) sector • Threats lurking in cyberspace from the general community Drafting and enactment of Cybercrime Legislation to repeal and replace Computer Misuse Act (as directed by Cabinet) Drafting of a National Plan of Action to support the National Cyber Security Strategy inclusive of budget requirements, timelines for implementation and communication protocols for each pillar Establishment of National Computer Security Incident Response Team (CSIRT) • A proposal from an international organization for assistance in establishing a CSIRT is currently under consideration Establishment of Trinidad and Tobago Cyber Security Agency (TTCSA) Training and collaboration organizations Increased Cyber capacity with public awareness Security Symposium building in international