Thu | Nov 26, 2020

NIDS data concerns - Cybersecurity expert supports proposed system but warns about hackers

Published:Friday | November 17, 2017 | 12:00 AMCorey Robinson
In this September 2011 photo, then Prime Minister Bruce Golding (centre) greets Ancile Brewster (left), then country representative, Inter-American Development Bank, and Ki-Mo Lim, chargé d’affaires, Embassy of the Republic of Korea, at the launch of work on the proposed NIDS.

As public debate continues over the proposed National Identification System (NIDS), an international cybersecurity expert is expressing concern about the ability of the Government to protect the data it will capture from Jamaicans.

Marc Asturias, senior director of marketing and communication in Latin America and the Caribbean for Fortinet - one of the largest cybersecurity providers worldwide - says hacking is growing in the region, and companies and governments are among the top targets.

"I think the identification system has a lot of positive aspects to it ... I've seen that system implemented elsewhere and it has been quite effective. It is a question of whether they have taken into consideration all the cybersecurity concerns," said Asturias.


Caribbean lagging


He charged that the region is lagging in its cybersecurity efforts, even as the Government rushes to implement NIDS, which will include the full name, date of birth, and biometric information, including fingerprints, facial image and manual signature in its database.

"In working with different government officials in the region, I can say that hacking is a daily thing. They may not realise it, and sometimes they realise it a little too late," said Asturias, as he pointed to cyberattacks in Puerto Rico last year and Costa Rica the year before.

"Take the example of the United States. In the past two years my personal information was hacked from the government four times - and that's the US government," he said.

"The IRS was hacked, an entity within the US congress was hacked, and we all know about the Equifax breach. Whether the data is residing with the government or outside with your credit bureau, there is still a risk."

According to Asturias, if criminals gain access to persons' information from the NIDS database, they can build profiles of their victims, which can be used to do anything from purchasing CDs to buying cars, homes and opening credit cards.

But ACP Clifford Chambers, head of the Police Area Three, who once headed the police Counter-Terrorism and Organised Crime Branch (C-TOC), told The Sunday Gleaner that while some of Asturias' concerns are genuine, Jamaica is in a better position than most of its Caribbean counterparts.


Ja not so vulnerable


"We are not as vulnerable as many of our Caribbean neighbours, and we can dare say that we are better than most, if not all. With regard to the prosecution side of it, we are also seeing where our investigators are making some very good breakthroughs," said Chambers, as he underscored that no computer system worldwide is completely secured.

According to Chambers, based on his knowledge, the preliminary security measures surrounding the NIDS are sufficient.

"Having gone through the document, and having myself been privy to some of the discussion at C-TOC, I think it is secure, and the information that is provided will not be available to any and sundry to be accessed.

"There are layers of security before information can be provided," said Chambers, as he argued that NIDS will go a far way in the country's fight against criminals.