Hackers going after small and medium businesses, Gardaí warn
Owners of small and medium sized businesses are being warned this week of an increased threat to their workplace computer systems from hackers.
The National Cyber Security Centre (NCSC) and the Garda National Cyber Crime Bureau (GNCCB) have contacted Small Firms Association, after observing “a trend of small and medium-sized businesses being increasingly targeted by ransomware groups”.
In the past these groups typically focussed on larger organisations. However, they noted that “recently there have been several smaller Irish businesses impacted by ransomware”.
The Director of the NCSC Richard Browne said: “We have been dealing with the threat of ransomware for some time; however, we have seen a noticeable change in the tactics of criminal ransomware groups, whereby rather than largely focussing on Governments, critical infrastructure and big business, they are increasingly targeting smaller businesses. This is a trend that has been observed globally, and Ireland is no exception with several businesses becoming victims of these groups in the past number of weeks.”
In the letter sent to Ibec’s Small Firms Association, the NCSC and GNCCB reiterated the measures that small and medium-sized businesses can take to prevent and recover from cyber-attacks such as ransomware.
Dr. Browne said: “Whilst we appreciate that many business owners are understandably nervous of the threat ransomware poses, there are some straightforward security measures that can be put in place to ensure that an organisations data and systems remain secure.”
Don’t pay
The cyber authorities also cautioned against the payment of ransoms to criminal groups saying that they do not “encourage, endorse nor condone the payment of ransoms”.
Detective Chief Superintendent Paul Cleary, Head of Bureau at the GNCCB, said: “There is no guarantee that paying a ransom will lead to your data being successfully being decrypted or prevent the data from being leaked online. In fact, it may lead to your organisation being targeted again, with some research showing that up to 80% of organisations that pay are attacked again.”
He encouraged business owners to report the incidents to both the NCSC and An Garda Síochána who may be able to support victims of cyber-attacks. Detective Chief Superintendent Cleary added that “reporting incidents allows us to fully investigate these cyber-crimes and helps us to identify trends and methods used by attackers so we can provide cyber safety and network protection advice to the public and the corporate sector”.
In response to the letter, the Director of Ibec’s Small Firms Association, Sven Spollen-Behrens, said: “This warning from the NCSC and GNCCB tallies with what we are hearing from our membership who are increasingly worried about the threat posed by cybercrime. The advice provided is very helpful and we’re eager to work with the authorities to ensure our membership are putting in place the right protections to defend against these attacks.”