At least two Cyber Security experts believe the second vulnerability found in the JAMCOVID App could be considered worse than the first.
Cyber Security Consultant, Trevor Forrest, says the lapse represents a serious problem on the basis of information it exposed to misuse.
The second alleged security lapse on the JAMCOVID application was brought to public knowledge once again by technology magazine TechCrunch.
The magazine says private keys and passwords linked to the Government app and the website were left exposed. Mr. Forrest says this puts the entire JAMCOVID system and related systems at risk.
Another Cyber Security Consultant, Gavin Dennis, says he’s surprised the vulnerability was not discovered during an alleged comprehensive security review done by Escala 24×7, a leading cybersecurity firm.
However, Mr. Dennis says the lapse doesn’t suggest incompetence but reveals a level of carelessness.
Gavin Dennis, Director of G5 Cyber Security Inc.
Meanwhile, Mr. Forrest agrees that Tech Crunch’s Zack Wittacker should not be pursued by Jamaican authorities for his role in exposing the vulnerability. Mr. Forrest says not all hacking is necessarily a bad thing.
He says cyber security vulnerabilities are a regular occurence and persons like Mr. Wittacker are needed to ensure they can be corrected.
Trevor Forrest, CEO of 876 Technology Solutions and cyber Security Consultant.
Both were speaking on Nationwide This Morning, with Abka Fitz Henley and Danielle Archer.