Tru Valu CEO on Massy cyberattack: It’s a concern for everyone

The content originally appeared on: Trinidad and Tobago Newsday

Customers enter Massy Stores, a part of Massy Holdings, in Westmoorings. – FILE PHOTO/ROGER JACOB

TRU-VALU CEO Sunil Maharajh expressed extreme concern after supermarket chain, Massy Stores confirmed that it had undergone a cyberattack, prompting it to close all its 23 branches in Trinidad on Thursday.

Maharajh said such cyberattacks was a concern for every business.

“I don’t think anyone can sleep easily tonight,” he said. “This brings entire operations to a halt. If you lose a day of trading that could hurt you significantly.”

Maharajh said the Tru-Valu chain took appropriate precautions to guard itself against cyberattacks but in light of the incident at Massy Stores, it will do further assessments to find weak points and address them.

He said that many businesses have taken precautions against cyberattacks but in some cases it may not be enough.

“Sometimes these things are done from places far away by people who have infinitely more resources than we have. In many ways we are a small island in a big world, and groceries like Massy are big to us, but it is still a matter of perspective. On a global scale Massy is not very large. It could be people from outside this country with a lot of resources who can conspire to do something like this.”

Amcham – Cyberattacks on the rise

Amcham TT CEO Nirad Tewarie, citing a PWC report on cyber security, noted that cyberattacks were on the rise, noting that there is a need to pay more attention to digital security. He said proper risk assessment and having internal tech teams working with internet service providers would be some of the best ways to mitigate the risk of cyberattacks.

“Businesses have to, as best as they can, stay current and assess risk and close whatever avenues to intrusion as quickly as possible,” he said. “The other thing that businesses would have to do is be very aware of social engineering. This is where people – most often employees – are tricked into allowing malware into a system. That could take the form of someone getting to know someone else and encouraging inadvertently or introduce a file that has malware, or it could be as simple as clicking on an email or opening an attachment that may in fact be malware.”

He added that government offices, too, should be aware and assess and mitigate such risks.

He said many tech consultancy companies perform risk assessments.

Tewarie said cyberattacks are staged to hold information at ransom, where all data on a business’ system can be locked and the attackers offer to release the data for a fee, or to access information that would later on be sold on the dark web.

PWC report – cybercrime the biggest threat to business

A PWC report indicated that 46 per cent of surveyed businesses reported experiencing fraud, corruption or other economic crimes in the past 24 months, and cybercrime tops the list of threats facing businesses.

The report was done from a survey of 1,296 businesses from across 53 countries including TT and indicated that cybercrime, customer fraud and asset misappropriation were the most common crimes experienced by businesses regardless of how big or small they are.

“The rise of digital platforms opens the door to a myriad of financial crime risks and 40 per cent of those encountering fraud experienced some form of platform fraud,” the report said.

This year’s survey indicated 42 per cent of large businesses reported cybercrimes over the past 24 months and 34 per cent experienced customer fraud. It added that emerging risks include environmental, social and governance (ESG) fraud – where ESG disclosures are altered so they do not truly reflect the activities of an organisation, supply chain fraud, and also have the potential to cause greater disruption in the next few years.

The report said one in eight organisations experienced new incidents of supply chain fraud as a result of disruptions caused by covid19.