Cyber security incidents fall in 2012 as hacking and ransomware rise

27 Nov 2012

Irish businesses reported fewer security incidents during 2012 than in 2011 but instances of hacking tripled and Denial of Service attacks also increased year on year.

A new threat to emerge during the year has been ransomware, with six reported cases so far in 2012.

Irish organisations reported a total of 429 incidents during 2012, a 3pc drop on the 441 recorded in 2011. The figures come from IRISSCERT, the voluntary computer emergency response team.

Hacking accounted for three times as many security breaches this year than in 2011. Last year, there were five such attacks reported; this year the number is 15. There were 12 Denial of Service attacks reported to IRISSCERT this year, double the number in 2011. 

Nearly three out of four of all security incidents (73pc) involved criminals hijacking Irish firms’ web servers to host phishing sites that victims of banking scams in other countries would be directed to. IRISSCERT said this figure was down by 23pc on last year and called it “a trend we hope to see continue”.

Ransomware warning

Ransomware didn’t figure at all in last year’s review but now appears to be targeting small companies, not only in Ireland but elsewhere, including the USA and Australia. IRISSCERT recently issued a ‘high rated’ warning about the problem.

Ransomware incidents usually involve attackers breaking into servers on a victim’s network and infecting it with malicious software that encrypts the company’s data.

Then when an employee tries to access that information, they are told they have to pay criminals a fee – sometimes up to €3,000 – to get their data back. In this type of scam, attackers also overwrite the victim’s backups, shutting off the option of restoring to a previous version of the data.

IRISSCERT warned that, in some cases, even paying the criminals is no guarantee that a company will get its information back.

To avoid becoming a victim, the group recommends that organisations should have an effective firewall, keep up-to-date antivirus software on all PCs and servers, patch all other applications with the latest available security updates and ensure backups are working correctly.

IRISSCERT founder Brian Honan commented that the actual number of incidents is likely to be higher than the number reported to the group.

The data gathered by IRISSCERT in 2011 was included for the first time in this year’s edition of the annual global Verizon Data Breach Investigations Report.

Nicolas Villatte of Verizon said financial gain is attackers’ main motivation, and organised crime gangs are responsible for the majority of cybercrime incidents. Activists tend to take larger numbers of records, by contrast.

“They don’t care about the data, they just take everything they can. Organised crime is more picky – it’s about information they can sell on the black market,” he said.

Villatte advised organisations not to hold onto data they no longer need, and to check their information security and backup systems to ensure against breaches.

Gordon Smith was a contributor to Silicon Republic