24 Oct 2016

Bermuda faces new cybersecurity threats

Author:

A new type of cybersecurity threat has led to some residents experiencing “substantial financial loss”, according to the Ministry of National Security.

Senator Jeff Baron, the national security minister, revealed today that “whaling” and “spear phishing” attacks are luring target recipients into wiring funds to bank accounts controlled by internet or cyber criminals.

It comes as the public is reminded to be vigilant about the latest cybersecurity attacks in the wake of cybersecurity concerns in the United States and as a follow-up to Bermuda Police Service updates about fraudulent e-mail scams.

“This threat is real, and in Bermuda,” Mr Baron said. “The sophistication of this cybersecurity lure is such that some in Bermuda have experienced substantial financial loss from these ‘whaling’ e-mail attacks.”

According to the Ministry, “whaling” or “spear phishing” are classed as Business E-mail Compromise crimes by the US Federal Bureau of Investigation.

They involve the use of sophisticated technical engineering to create impostor e-mails that lure target recipients into wiring funds to bank accounts controlled by internet or cyber criminals.

Mr Baron explained that the Bermuda Government offers RMail — available through a partnership between the Bermuda Post Office and Secure Messaging Systems — that offers the necessary protections for e-mail transactions including this latest cybercrime.

The latest RMail update release for Microsoft Outlook and Office 365 Outlook contains the first ever security feature to detect and prevent these BEC whaling attacks.

According to Wayne Smith, the Post Master General, the technology provider, R-Post, is endorsed by leading industry groups and has served customers worldwide for more than a decade.

“It offers the user secure large file transfers, anti-whaling impostor e-mail protection, e-mail encryption, e-signatures, e-mail tracking, certified delivery proof, and other sending options for high-value electronic correspondence to Microsoft Outlook and Office 365,” he said.

“The message recipient is not required to have any special software or click anything in order to read the Registered e-mail message or return the Registered Receipt e-mail.

“The RMail Registered E-mail service has been assessed and reviewed by the Attorney General’s Chambers and we are satisfied that the service fully satisfies the legal delivery proof criteria as outlined in the Electronic Transactions Act of 1999.”

Read original article here.