What can small Irish businesses learn from the HSE cyber-attack?

Cyber crime as an industry is enormous. According to techradar, its estimated that $945billion was lost by organisations globally as result of cyber attacks in 2020. In the 2020 PwC Irish Economic Crime Survey 13% of cyber fraud incidents in Ireland result in a loss of over €4million. With cybercrime set to increase what are the key areas to know as owners of SMB’s:

What is ransomware?

Ransomware is malware that is placed on a system with the purpose of encrypting or stealing your data or in some cases both – this is known as double extortion. To resolve this, the usual ask is to transfer Crypto currency to the attackers. This can be a serious threat for Irish businesses because there’s a cost associated with any business not being able to carry out as normal not to mention the fee associated with regaining this data. Most ransomware attacks happen at the end user (internal staff) and usually through phishing emails where the sender comes across as legitimate and encourages personal information to be shared through links provided. With that in mind it’s believed that nowadays the easiest way to rob a bank is not through its front door but via it’s vulnerable users and their vulnerable systems to demand the cash.

How common are ransomware attacks?

Typically, the most opportune moment for attacks would have been around lengthy public holidays like Christmas when security or IT staff that monitor this activity would be on leave. No doubt the working from home switch that happened virtually overnight played into the hands of cyber-attacks. Company systems that were entirely physical in offices are now put in place in employees’ homes. This begs the question are standards of security as high the working from home transformation or was the objective speed to ensure staff could operate at home with pressured turnaround times at stake. Conor Scolard – technical director of Ekco Ireland who specialise in restoration of client sites mentioned that in the past attacks might have been 1 a month whereas lately Ekco is witnessing 3 restoration requests a week by Irish businesses.

How can Irish businesses prevent cyber attacks

Unfortunately, no business is exempt from an attack and equally no business can 100% prevent a cyber-attack occurring in the future. Typically, an attack may be targeted towards a bigger corporation with the view that a higher ransom payment could be sought. Attacks have matured over time, what was once the virus and disruption without financial gain approach is now fully about financial gain. If you believe your systems have been attacked the rule of thumb is to shut all your systems off ASAP to limit the damage.

How to find out if your data has been stolen?

It’s likely that some our personal information from accounts that we have created through trusted online websites have been breached in the past so the HSE episode isn’t entirely isolated. These can be in the form of login details leaked from a past Dropbox breach or phone number leak from the recent Facebook data scrape. Many of us don’t have access to the dark web which is where the data breached would be housed for hackers to use, but we are instructed to stay alert as small businesses and as users in general. Visit the site and see if accounts you created with your email address or your phone number have been breached in previous attacks. If so, you are encouraged to change the password of these associated accounts.

The most recent examples are suspicious phone calls claiming to be from government bodies while other measures reported are claims that your webcam has been recorded and that the footage will be released if you do not pay a ransom, to heighten their portrayed proof they may quote an old or current password or username of having this in their possession.

Minimising threats

As a web designer for SMB’s its my duty to ensure that I’m taking the best practice steps in website security to form the best possible defense should an attack surface. The approach I take with my clients is regular backups of site data is completed and copies of these backups are stored offline so that if a potential attack occurs then we are positioning ourselves for minimal disruption.

Setting alerts for suspicious activity is another measure I take for managing my clients’ websites. This allows me to identify potentially suspicious IP address trying to hack sites I have created to which I can then block them from accessing my clients site going forward. Despite this being a manual exercise, I feel is an essential one.

Online Security tips:

  • Be aware of phishing email attempts. Seeing as most attacks happen at the end user of companies (internal staff) be careful of what email links you click on or interacting with emails received from a suspicious looking email address.
  • Are you backing up your site data? This won’t prevent you from being hacked but it could limit downtime if an attack occurs. Have a backup and a copy of that backup and store offsite.
  • Have you a plan in place if attacks happen? First port of call is to turn off all systems to limit the damage. You will be using your backup data for the restoration once you’re happy the attack has ended and your systems are free from infiltration.
  • Enable two factor verifications on personal and business social media pages. There is a rise in small business profiles being hacked so ensure you don’t lose the pages you’ve spent time building.
  • For more information browse through the findings of the PwC Irish Economic Crime Survey

Feel free to contact us to discuss any of the above points raised.