Good Governance? What’s behind GEBE’s cybersecurity breach from march 2022…

Another writing on the wall that led to the situation GEBE is right now…

March 2022, over 11,000 files from GEBE were leaked and offered on the dark web. This massive breach included nearly all account details of account holders, making them known to hackers to this day. Despite the severity of this breach, GEBE has never individually informed its customers about the exposure of their sensitive information.

The people of Sint Maarten deserve clear answers about what happened at GEBE and how it can be prevented in the future. A big mistake allowed a cyberattack to happen, causing problems for everyone. Here are the main points that went wrong. The pattern of bad Governance and operations are typical and still actual. Upon this day GEBE still did not fix all the problems and accounts….

  1. Unpatched Systems: GEBE didn’t update its important computer systems, which left holes for hackers to get in.
  2. Weak Network Security: The network was not divided into smaller, safe sections, so once hackers got in, they could move around easily.
  3. Firewall Issues: The firewalls (which are supposed to block bad traffic) were not set up right, letting hackers in too easily.
  4. Poor IT Practices: They used the same passwords for many systems, didn’t train their staff well, and didn’t regularly update their security settings.
  5. Bad Backup and Recovery: Their backup systems weren’t secure or well-managed, making it hard to recover data after the attack.
  6. Lack of Monitoring: They didn’t watch their systems closely enough to catch the hackers in time.

Critical Questions:

  1. What mistakes did GEBE make that let the hackers in, and how can they fix these mistakes to prevent future attacks?
  2. How will GEBE improve its network and firewall security?
  3. What steps will GEBE take to ensure all systems are regularly updated and patched?
  4. How will GEBE train its staff to be more aware of security threats?
  5. What new methods will GEBE use to secure their backups and make recovery easier?
  6. How will GEBE ensure constant monitoring of their systems to catch threats quickly?
  7. What long-standing issues has GEBE had, and how will they solve these to improve their service?

Understanding these points helps us see what went wrong and what GEBE needs to do better in the future. This ensures that everyone can trust GEBE to provide safe and reliable services.