Businesses are warned of rising threat of cyber ransom attacks

Wayne O'Connor and Jerome Reilly

Published 13/11/2016 | 02:30

The Central Bank's director of policy and risk, Gerry Cross
The Central Bank's director of policy and risk, Gerry Cross

Businesses and financial institutions are being told to sharpen their cyber security measures after more than €50,000 was extorted from an education body.

  • Go To

The Central Bank of Ireland has warned financial institutions that cyber attacks are becoming more sophisticated, more targeted and more difficult to detect.

Business consultants have also warned that a relaxed attitude to cyber security leaves small and medium enterprises vulnerable to phishing scams and harmful software designed to extort money from vulnerable firms. Many businesses are affected as they take reactive action rather than work to prevent threats.

A Garda fraud probe is examining how the Laois and Offaly Education and Training Board, based in Co Laois, was hit for more than €50,000 in a scam. The Comptroller & Auditor General said the fraud was caused by a "control failure".

The education board was targeted two years ago when fake emails from a telecommunications provider were sent to organisations about bill payments. The fraudsters tried to extort money by asking firms to enter credit card details on a website.

Last week, Tesco Money in the UK was attacked by hackers who targeted funds from 20,000 accounts.

David Waldron, a senior business consultant with CloudStrong, which helps firms with cloud storage, said Irish companies were becoming increasingly aware of online security.

He said: "It was always very relaxed and has never been a huge concern. Small businesses were being hit by ransomware and various scams and ways of extorting money out of businesses."

He added the problem "is a massive threat and has not really been seen because it is not a great PR exercise for a company affected by it".

The Central Bank's director of policy and risk, Gerry Cross, said financial institutions were not doing enough to minimise the potential impact of an IT failure on the wider financial system.

The warning came ahead of the Dublin Info Sec 2016 cyber security conference at the RDS on Tuesday.

INM technology editor Adrian Weckler will be among the speakers. He said: "In the last year, global security incidents have risen by almost 40pc, according to PwC research. That includes some 400 million personal records that were exposed through breaches across the financial, business, education, government and healthcare sectors."

To get tickets for the Info Sec 2016 cyber security conference, call 01 7055787 or see www.independent.ie/infosec2016.