On Friday, 12 May 2017, a large cyber-attack referred to as WannaCry infected over 230,000 computers in 150 countries around the world. The attack has been described by experts as unprecedented in scale. A preliminary tally shows that WannaCry has affected among others Telefónica in Spain, the British National Health Service, Russia’s Ministry of the Interior, FedEX and France’s Renault auto industry. It is expected that by Monday morning many more companies and institutions will notice that they have been attacked as the work computers are turned on.
Unfortunately, there is a view that somehow we are immune or unlikely to be of interest to cyber criminals. However, when we consider the large amounts of money transferred through our financial institutions, the sensitive documents held in the offices of lawyers, doctors, pharmacies, notaries public and even information pertaining to the pending negotiations regarding the future of our refinery, the dangers of cybercrime suddenly become clear. While no one I have talked to has addimitted being a victim of cybercrime, experience tells us that because of the perceived reputational damage, there are ample or no reports of the existence of cyber-attacks. In an evaluation published last year by the Inter-American Development Bank, the vulnerability of the Latin America and Caribbean region is painfully highlighted. See https://publications.iadb.org/bitstream/handle/11319/7449/Cybersecurity-Are-We-Prepared-in-Latin-America-and-the-Caribbean.pdf?sequence=1
We have a small window in which to develop strong and integrated cybersecurity networks before attackers begin infiltrating. Government has to form a Taskforce to respond to attacks and provide a framework for cybersecurity. Regarding the legal environment, Government and Parliament have to review our criminal code to more effectively fight this type of crime. Existing legislation needs to be reviewed and new laws need to be drafted. We need to create more awareness regarding the consequences of cyber-attacks for our daily lives (ATMs that could be rendered inactive, air trafic control that could be disrupted, the Tax Department, the hospital, Aqualectra that could be compromised). The need for technical infrastructure and capacity building to prevent these attacks is vital as is the awareness that we by ourselves cannot adequately deal with these challenges. We need to engage in regional and international coordination. I strongly suggest this point to be included in the next IPKO (Meeting of the Parliaments of the countries of the Kingdom of The Netherlands). Time is not on our side.