Speaking about the report Brian Honan, head of IRISSCERT, said: “This year has seen a significant change in the threat landscape for Irish businesses. We still have the traditional threats of computer virus infections, security breaches, website defacements and hijacking to host malware or phishing sites."
"This year we are seeing a trend in the use of Denial of Service attacks against organisations. Some of these attacks can be attributed to hacktivist activity, but for others the motive is not so clear and could be criminal elements looking to extort businesses. We also see an increase in reports of companies’ systems been subjected to ransonware, which in some cases has seen demands for up to €3,000,” Honan added.
Ransonware is where criminals infect a company’s network with malicious software. This malicious software renders the company’s backups unusable and then encrypts all data held on the company’s server. The victim company is then told they must pay a ransom in order to recover their data. If the ransom is not paid the data will remain encrypted and in some cases deleted from the server. Brian Honan went on to say “Typically ransomware attacks are hitting businesses in the SME sector as many do not have the in-house expertise, or indeed access to that expertise, to manage the threat”.
The shortage of computer security skills is another theme that is common at this year’s conference. A number of the sponsors of the event are there to spot and recruit talent.
Brian Honan said: “There is a shortage of skilled people in this area. Our annual conference has become the premier computer security event in Ireland and attracts many people in the industry. This coupled with our cyber security challenge means that the conference is an ideal location for some of our sponsors, such as Amazon, to try to recruit skilled computer security experts”.
Highlighting the reputation of the IRISSCERT Annual Cyber Crime conference is its ability to continue to attract high profile speakers, which in previous years included Howard Schmidt – Special Cyber Security Advisor to President Obama and Mikko Hypponen from F-Secure.
This year’s keynote speaker is Marcus Ranum, CTO of Tenable Security and a recognised luminary in the field of Internet security. Ranum is credited with building the first commercial firewall, the first email server within the White House and has a host of innovations in firewall and intrusion detection technology.
IRISSCERT recommends companies follow the below steps to manage the ransomware threat:
- Ensure an effective firewall is in place on their network
- Ensure anti-virus software is installed on all computers, including servers.
- Ensure that anti-virus software is kept up to date with the latest versions and anti-virus signatures.
- Ensure all computers are patched with the latest security updates for the software in use.
- Ensure all backups are working correctly. This should include verifying that data can be restored from the backup media.
- Ensure all staff members are aware of potential security risks and aware of good security practises.
- Have an incident response plan in place and to ensure this scenario is included in that plan.
- If you should become a victim of ransomware you should report the issues to the Gardai.