Govt’s network not infiltrated – NDMA Head

  • says ongoing investigations reveal no successful cyber espionage on network

The National Data Management Authority’s (NDMA’s) Cybersecurity Division has indicated that no successful cyber-espionage malware was found on the Government of Guyana’s Network.

This disclosure follows a recent claim made by a cybersecurity firm that, in February 2023, an unnamed Government of Guyana agency was the victim of a successful spear-phishing campaign that sought to compromise sensitive government data.

Since the release of the article on October 5, 2023, NDMA has deployed its cybersecurity analysts and specialists to assess these claims. Investigations reveal that the cybersecurity firm exaggerated the threat in their “exposé.”

NDMA General Manager, Christopher Deen, reiterated that matters of cybersecurity and potential threats to Guyana’s digital infrastructure are taken very seriously. “We have launched extensive investigations both in and out of the government’s network to determine the validity of this report. Based on the information currently available, a spear-phishing attempt was made against a Government Ministry. The security systems employed intercepted this attempt and nullified its effects. I take this opportunity to note that locally, NDMA has detected and mitigated some 442 malware attacks at government agencies in the first quarter of 2023.”

Nonetheless, even as investigations continue, NDMA has contacted the cybersecurity firm that made the claims to gather additional information, verify the data shared, and ascertain the firm’s source. To date, NDMA is still awaiting the cybersecurity firm’s response. Further, some may also question the cybersecurity company’s motivations and ethics.

NDMA General Manager, Christopher Deen

Cybersecurity professionals have access to sensitive information including personal data and proprietary information. Disclosing sensitive information without stakeholder consultation can be detrimental. So how is the cybersecurity firm benefitting from publishing and making claims based on “medium confidence” and linking this spear-phishing campaign to other local events without evidence-based proof? Forbes (Advisor), in a June 2023 online article, estimated that over five hundred million phishing attacks were reported in 2022 worldwide.

This number shows just how common this type of threat is in today’s digital world. The singling-out of this particular incident also raises questions, as it is not conventional practice to disclose consumer-specific information without the customer’s explicit permission. We will continue to reach out to the cybersecurity firm for in-depth consultations. Even as ongoing inquiries continue into the alleged incident, NDMA remains resolute in its mandate to promote safe cybersecurity practices within government ministries and agencies.

In keeping with international best practices, NDMA operates both a 24/7 security operations centre which provides 24-hour technical support on cybersecurity issues to government agencies; and the Guyana National Computer Incident Response Team (CIRT) which serves as a valuable resource for threat response and incident handling.

NDMA’s efforts are also complemented by ongoing cybersecurity awareness training initiatives and programmes.

Staying with the theme “Don’t bite the bait: how to ensure you’re not phished,” NDMA’s Get Safe Online Guyana and Guyana National CIRT offer valuable resources to empower citizens with cybersecurity skills and knowledge. Get Safe Online Guyana allows visitors to access information on safe internet practices, including guidance on protecting personal data, recognising and mitigating cyber threats, and practising online safety.

Finally, in the month of October, the Government of Guyana joins the rest of the world in commemorating Cybersecurity Awareness. This year NDMA will facilitate several training sessions across the country. These training initiatives are set to provide invaluable information on safe cyber security practices as well as how to identify and respond to cyber security threats.