Ransomware attacks against small Irish businesses on the rise

12 Aug 2022

Image: © Andrey Popov/Stock.adobe.com

Government advice is to avoid paying ransoms and report incidents to the National Cyber Security Centre and An Garda Síochána.

Small business in Ireland have been warned of an increased threat of ransomware attacks in recent months.

The National Cyber Security Centre (NCSC) and the Garda National Cyber Crime Bureau (GNCCB) have warned in a letter that ransomware groups, which typically focused on larger organisations in the past, are now increasingly targeting SMEs instead.

The letter was sent to the Small Firms Association of Ibec, the lobby group for businesses in Ireland.

NCSC director Richard Browne said that while the State cybersecurity body has been dealing with ransomware threats for some time now, there has been as “noticeable change in the tactics” of cybercriminals.

“Rather than largely focusing on governments, critical infrastructure and big business, they are increasingly targeting smaller businesses. This is a trend that has been observed globally, and Ireland is no exception with several businesses becoming victims of these groups in the past number of weeks.”

Browne noted that are some “straightforward security measures” that business owners can put in place to ensure the safety of their organisation’s data and systems.

The first advice is to never pay ransoms to criminal groups. “There is no guarantee that paying a ransom will lead to your data being successfully being decrypted or prevent the data from being leaked online,” said detective chief superintendent Paul Cleary of the GNCCB.

Paying a ransom can lead to the organisation being targeted again, Cleary noted, referring to figures that show 80pc of businesses get attacked again.

Business owners are also advised to report incidents to both the NCSC and An Garda Síochána, who may be able to support victims of cyberattacks.

“Reporting incidents allows us to fully investigate these cybercrimes and helps us to identify trends and methods used by attackers so we can provide cyber safety and network protection advice to the public and the corporate sector,” Cleary added.

Ibec said that the warning from the State bodies tally with what the lobby group has been hearing from its members, who are “increasingly worried” about cyberattacks.

“The advice provided is very helpful and we’re eager to work with the authorities to ensure our membership are putting in place the right protections to defend against these attacks,” it said.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Vish Gain is a journalist with Silicon Republic