Government hit by extortion wave in new cyber attacks
Hackers threaten to erase files of State bodies and county councils if ransom is not met, writes Adrian Weckler
Published 06/03/2016 | 02:30
Irish Government departments and public sector bodies are being extorted for access to their own files amid "a wave" of new cyber attacks.
The extortion attempts are part of a series of ransomware attacks that delete files on computers if a ransom is not paid to the hackers. The list of public bodies affected includes county councils, Government departments and other State bodies.
"A number of Government offices have seen evidence of these attacks," a Government spokeswoman told the Sunday Independent. "A small number of offices across the public service have [also] been affected."
Irish IT security firms say that the number of ransomware attacks affecting Irish companies and public sector bodies has mushroomed in recent months.
"We're seeing three to four attacks happening per day," said Conor Flynn, chief executive of Information Security Assurance Services.
"It's incredible the number of people being hit at the moment."
The Sunday Independent has also been contacted by readers who say they have been the victim of such ransomware attacks.
Ransomware attacks work when a computer's files are encrypted, or locked, by an attacker's program. The computer then displays a message warning that all of the files will be irretrievably deleted unless a ransom is paid electronically. Ransoms are typically set in the range of €300 to €500 but can escalate to thousands of euro, depending on the target organisation.
The attackers have become increasingly sophisticated, with some setting up help desks to talk people through the ransom payment process.
"Their business model is to honour the ransom payments because they want people to know that paying will unlock the computers," said John Ryan of Zinopy, another IT security firm that is dealing with a rise in reported ransomware attacks.
The Irish Government says the ransomware thieves have not been paid.
"At no time has any money been paid to attackers, in bitcoin or any other format," said the spokeswoman. "In all cases, the infected files have been quarantined relatively quickly and services restored. The effect was largely restricted to single desktop machines."
The spokeswoman declined to specify which Government departments had been affected.
Sunday Indo Business