Less than a week after declaring that reports of a ransomware attack on TSTT were "not true," Minister of Public Utilities Marvin Gonzales has made a full about-turn and ordered the state-run communications company to have an independent investigation done into the matter.
In a press release on Sunday, Gonzales said that "like everyone else," he too was "deeply concerned" about the recent cyber attack on TSTT.
Declaring in his release that digital security invasions were becoming an increasingly frequent phenomenon worldwide, Gonzales said while no organisation or individual was immune to such attacks, the breach of TSTT’s digital security apparatus "is a matter of grave concern to Government" and by extension, the people, given TSTT’s importance on the country’s telecommunications landscape.
According to a Newsday report published on October 30, Gonzales claimed reports on the ransomware attack on TSTT were "not true."
FalconFeeds.IO, a cyber security firm that offers an X (formerly Twitter) feed reporting on breaches – according to the Newsday report – claimed tstt.co.tt and bmobile.co.tt were compromised by ransomware group Ransomexx.
Asked about this on October 30, Gonzales said, "It is not true." Asked to comment further, he said TSTT would issue a statement soon.
In a statement, also on October 30, TSTT said hackers had tried to break into its cyber systems holding terabytes of data, but were unsuccessful.
“On October 9, cyber attackers attempted to gain unauthorised access to TSTT’s systems,” the company said.
“At the onset of the threat, TSTT’s incident response processes were swiftly activated. The company took immediate steps to minimise the security vulnerability, successfully isolating its systems and applications.
“These systems were subsequently quarantined, rebuilt and put back into production as part of clearly defined policies and procedures.”
The release added that TSTT also sought support from internationally recognised cybersecurity experts in investigating the attempted breach. The company has already implemented additional security measures and protocols, as advised by the experts.
In his release on November 5, Gonzales said: The gravity of the situation warrants a thorough and full-scale investigation to ascertain the facts and circumstances that caused the breach, TSTT’s communications regarding the matter, and the actions the organisation is (and has been) taking to reduce the possibility of future cyber incursions.
"I have therefore spoken with the chairman of TSTT and mandated that the board of directors commissions an independent inquiry into the matter and to make public the facts and findings, in so far as the details do not compromise TSTT’s customer confidentiality or further put at risk the integrity of TSTT’s data or digital infrastructure.
In the wake of the cyber attack on TSTT, Princes Town MP Barry Padarath, in a statement last Friday, called for new legislation against such attacks, and the re-establishment of the Joint Select Committee (JSC) on Cyb