• Current students
      • Student centre
        Enrol on a course/exam
        My enrolments
        Exam results
        Mock exams
        Learning Hub data privacy policy
      • Course information
        Students FAQs
        Student induction
        Course enrolment information
        F2f student events
        Key dates
        Book distribution
        Timetables
        FAE elective information
      • Exams
        Exam Info: CAP1
        E-assessment information
        Exam info: CAP2
        Exam info: FAE
        Access support/reasonable accommodation
        Extenuating circumstances
        Timetables for exams & interim assessments
        Interim assessments past papers & E-Assessment mock solutions
        Committee reports & sample papers
        Information and appeals scheme
        JIEB: NI Insolvency Qualification
      • CA Diary resources
        Mentors: Getting started on the CA Diary
        CA Diary for Flexible Route FAQs
      • Admission to membership
        Joining as a reciprocal member
        Conferring dates
        Admissions FAQs
      • Support & services
        Recruitment to and transferring of training contracts
        CASSI
        Student supports and wellbeing
        Audit qualification
        Diversity and Inclusion Committee
    • Students

      View all the services available for students of the Institute

      Read More
  • Becoming a student
      • About Chartered Accountancy
        The Chartered difference
        What do Chartered Accountants do?
        5 Reasons to become a Chartered Accountant
        Student benefits
        School Bootcamp
        Third Level Hub
        Study in Northern Ireland
        Events
        Blogs
        Member testimonials 2022
        Become a Chartered Accountant podcast series
      • Entry routes
        College
        Working
        Accounting Technicians
        School leavers
        Member of another body
        International student
        Flexible Route
        Training Contract
      • Course description
        CAP1
        CAP2
        FAE
        Our education offering
      • Apply
        How to apply
        Exemptions guide
        Fees & payment options
        External students
      • Training vacancies
        Training vacancies search
        Training firms list
        Large training firms
        Milkround
        Recruitment to and transferring of training contract
        Interview preparation and advice
        The rewards on qualification
        Tailoring your CV for each application
        Securing a trainee Chartered Accountant role
      • Support & services
        Becoming a student FAQs
        Who to contact for employers
        Register for a school visit
    • Becoming a
      student

      Study with us

      Read More
  • Members
      • Members Hub
        My account
        Member subscriptions
        Annual returns
        Application forms
        CPD/events
        Member services A-Z
        District societies
        Professional Standards
        Young Professionals
        Careers development
        Diversity and Inclusion Committee
      • Members in practice
        Going into practice
        Managing your practice FAQs
        Practice compliance FAQs
        Toolkits and resources
        Audit FAQs
        Other client services
        Practice Consulting services
        What's new
      • In business
        Networking and special interest groups
        Articles
      • Overseas members
        Home
        Key supports
        Tax for returning Irish members
        Networks and people
      • Public sector
        Public sector news
        Public sector presentations
      • Member benefits
        Member benefits
      • Support & services
        Letters of good standing form
        Member FAQs
        AML confidential disclosure form
        Institute Technical content
        TaxSource Total
        The Educational Requirements for the Audit Qualification
        Pocket diaries
        Thrive Hub
    • Members

      View member services

      Read More
  • Employers
      • Training organisations
        Authorise to train
        Training in business
        Manage my students
        Incentive Scheme
        Recruitment to and transferring of training contracts
        Securing and retaining the best talent
        Tips on writing a job specification
      • Training
        In-house training
        Training tickets
      • Recruitment services
        Hire a qualified Chartered Accountant
        Hire a trainee student
      • Non executive directors recruitment service
      • Support & services
        Hire members: log a job vacancy
        Firm/employers FAQs
        Training ticket FAQs
        Authorisations
        Hire a room
        Who to contact for employers
    • Employers

      Services to support your business

      Read More
☰
  • The Institute
☰
  • Home
  • Articles
  • Students
  • Advertise
  • Subscribe
  • Archive
  • Podcasts
  • Contact us
Search
View Cart 0 Item
  • Home/
  • Accountancy Ireland/
  • Articles/
  • Leadership/
  • Latest News/
  • Article item

SMEs face worrying rise in ransomware attacks

Oct 06, 2022

The use of malicious software to extort small businesses is on the rise in Ireland as global criminals seek out easier prey. Arlene Harris reports

Ransomware. At a time of rising awareness of cyberthreats and the need for adequate safeguards across all business functions, including finance, ransomware is emerging as a growing threat for even the smallest operators.

And, according to Dr Richard Browne, Director of the National Cyber Security Centre (NCSC), ransomware is “here to stay”.

A form of extortion “as old as the hills”, ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid, explained Browne.

What is new in the field is a concerning rise in the number of ransomware attacks recently aimed at small- and medium-enterprises (SMEs), a segment of Irish business so far largely unaffected by this particular cyberthreat.

Indeed, a statement issued in August by the NCSC in conjunction with the Garda National Cyber Crime Bureau warned SMEs that, in a noticeable shift in ransomware tactics, hackers were turning their attention away from big business and government entities to focus instead on smaller businesses.

“This trend has been observed globally and Ireland is no exception, with several businesses becoming victims of these groups in the past number of weeks,” said Browne.

“A number of different business models are typically used, which involve encryption of a victims data by a threat actor, whether that is a criminal gang or a lone individual.”

Greater threat in newer tactics

Cybersecurity has, by and large, kept pace with criminal activity online until now and experts are quite adept at dealing with established ransomware practices—which typically involve a threat actor making contact with a victim, and requesting a key to unlock or decrypt the victim’s information.

The threat landscape is evolving, however, leading to newer ransomware tactics that are more difficult to defend against.

“Recently, human-operated ransomware has been developed, which means there is a person in the loop with more advanced techniques,” Browne explained.

“They hack into a system—or across it, in many cases—steal data and seek to encrypt an entire IT system. The old-fashioned ransomware ‘drive-by’ (often caused by clicking on a link) is not a massive threat as it can usually be stopped by anti-virus software, but human-operated ransomware is categorically a risk for businesses of any kind.”

Behind the rise of human-operated ransomware are often established, integrated and organised criminal enterprises that operate “at scale and at speed” globally, Browne said.

“This is very much a global market, with the ‘bad guys’ targeting IP addresses anywhere in the world,” he said.

“Over the years, many have been heavily compromised, but, while their organisations have been broken up, the individuals involved are still criminals and they are still capable of conducting cyberattacks, so they tend to simply reform and go after smaller targets.”

Criminals target smaller players

While large corporations are more likely to have the financial means, technology and expertise to handle a sophisticated ransomware attack, the same cannot be said for many of their smaller counterparts.

“Because of changes in the ecosystem, smaller companies are getting hit more often than bigger entities, which can afford to be prepared, are more resilient and much more able to deal with incidents when they occur,” Browne said.

“So, [the hackers] are going after SMEs and individual companies, which might only net them a smaller ransom, but they are much more likely to be paid.

“It is also easier. They don’t have to spend as much time navigating systems and don’t have to be as careful as they would with high-end security systems, so they can target more small companies.

“Solicitors’ offices, for example, will often have sensitive data on file—so it is in their interest to pay not to have it released.

“The criminals may also gain access to customer money sitting in a firm’s account over a weekend (for lodgement the following week), which makes them a target for other activities, such as fraud.

“Of course, there have been some very high-profile attacks too, such as the Colonial Pipeline attack in the US, which took out a piece of physical infrastructure without actually damaging or physically affecting it. JBS Meats is another one and the HSE is probably the most well-known here in Ireland.”

These ransomware attacks are happening “all the time”, said Browne, both in Ireland and elsewhere.

“Just today, I’ve had reports of about 15 new ransomware attacks in Europe over a few days. We, in Ireland, are relatively lucky as we are something of a small player, but we are at risk nonetheless.”

While criminal gangs are set to continue making money by hacking into IT systems, harvesting data and selling it on, or blackmailing companies into paying a ransom, Browne advises that there are steps SMEs can take to protect themselves from ransomware attacks.

Effective security measures

“We appreciate that many business owners are understandably nervous about the threat ransomware poses, but some straightforward security measures can be put in place to ensure that an organisation’s data and systems remain secure,” he said.

“Some SMEs won’t have an IT system as it will be outsourced, so the first thing they need to do is to ask their vendor how prepared they are for dealing with this kind of thing.”

At the very least, businesses should have two-factor identification on all of their online accounts—whether it be Facebook, Gmail or a financial services package.

“It sounds simple, but, if everyone did this, it would dramatically reduce the amount of damage done,” said Browne.

“After that, I would encourage firms to ensure their vendor has proper offline back-up and, internally, to decide that—on a specific day of the week—someone will be tasked with taking the external hard-drive, making a copy of it, and putting it away.

“This way, they will have a secure offline system so, if they need to restore it after an incident, it can be done without taking down the company.

“Beyond that, they should have an up-to-date antivirus system and ensure any vulnerabilities are patched up.”

Making these provisions is becoming more essential for SMEs because ransomware, as Browne puts it, “isn’t going away”.

“People need to be vigilant and governments need to do more to deal with it and ensure these guys don’t get paid, so that, eventually, it will become less prevalent,” he said.

“That’s not going to happen overnight. It is going to continue to be an issue for some time. We all need to be aware and take steps to keep our systems secure.”

For more advice and information, visit ncsc.gov.ie or garda.ie/en/crime/cyber-crime

The latest news to your inbox

Useful links

  • Current students
  • Becoming a student
  • Knowledge centre
  • Shop
  • District societies

Get in touch

Dublin HQ

Chartered Accountants
House, 47-49 Pearse St,
Dublin 2, Ireland

TEL: +353 1 637 7200
Belfast HQ

The Linenhall
32-38 Linenhall Street, Belfast
Antrim BT2 8BG, United Kingdom.

TEL: +44 28 9043 5840

Connect with us

CAW Footer Logo-min
GAA Footer Logo-min
CARB Footer Logo-min
CCAB-I Footer Logo-min

© Copyright Chartered Accountants Ireland 2020. All Rights Reserved.

☰
  • Terms & conditions
  • Privacy statement
  • Event privacy notice
LOADING...

Please wait while the page loads.