Failed cyber attack on Central Bank’s website sparks heightened threat awareness

NASSAU, BAHAMAS – An IT executive at the Central Bank said that a recent unsuccessful attack on the regulator’s website had heightened awareness of a potentially greater ‘imminent threat’ and spurred enhanced defensive measures.

Luther Smith, Chief Information Security  Officer at the Central Bank and a panelist at CyberTek Bahamas: DragonTek’s Cybersecurity Summit, noted that recently, there was an unsuccessful attack on the regulator’s website. He emphasized that it was not viewed simply as a one-off event but as an opportunity to identify any vulnerabilities that need to be addressed in light of potential imminent threats.

“What that incident taught us is that we cannot look at this attempt in isolation. We need to consider whether it was a distraction or a precursor to something much larger,” he said.

He further explained: “About a week ago, we were the target of a DDoS (denial of service) attack. Luckily, the attackers were unsuccessful, but we were the target. A denial of service attack aims to render a website unavailable. It’s not one of those attacks where they try to compromise data or information, but it typically focuses on the availability of resources. Anytime we see instances like this, we heighten our posture concerning potential threats. Naturally, we mobilize all of our resources to ensure there isn’t a more imminent threat. We aim to be proactive rather than reactive. In this instance, we were able to avert what the threat actor was trying to do. We don’t see it as a one-off and are preparing ourselves for anything else they may potentially throw at us.”

“This is nothing new, and that’s why we have defenses and technologies in place to detect and mitigate against these threats,” said Smith. “We regularly observe attempts being made. We remain mindful of instances where a threat actor could get through, and it’s our responsibility to shore up our defenses and continually reassess our risk posture.”

Smith said that there is a growing awareness locally regarding cyber threats and the critical need for cybersecurity. “I think the culture is changing because we are realizing and appreciating that our environment is becoming increasingly digitized as the government and private sector look to modernize their investments, meaning more data is being made available online,” Smith added that there is also a need for more user awareness training to mitigate against cyber threats.