440 Irish firms hit by cybercrime

MORE THAN 440 businesses in Ireland were victims of cybercrime last year, with most attacks involving websites being hijacked…

MORE THAN 440 businesses in Ireland were victims of cybercrime last year, with most attacks involving websites being hijacked by criminals to host phishing scams.

The figures come from incidents reported in 2011 to the Iriss-Cert, the non- profit volunteer computer security incident response team which shares free information about security threats and computer vulnerabilities.

For the first time, the group shared information with US communications group Verizon when compiling its 2012 international Data Breach Investigations Report, which was released last week.

Of the 441 security breaches in Ireland reported to Iriss, 408 were sites hijacked to host phishing sites on behalf of criminals. That leaves 33 incidents that were submitted to Verizon, which reported on 855 incidents involving 174 million compromised records.

READ MORE

This was the second highest loss of data since Verizon began reporting the figures in 2004.

Considered one of the more reputable information security studies, the Verizon report also included contributions from the Australian Federal Police, the Dutch National High Tech Crime Unit and the US Secret Service. Ireland was one of 36 countries in which a data breach occurred, the report found.

Most of the breaches in the global report refer to cardholder data, which tends to be stored and stolen in bulk. There were few instances of intellectual property theft reported worldwide in comparison, and fewer still in Ireland.

There were five such cases reported to Iriss-Cert in 2011. Eliminating cases of hijacked websites where no confidential information was compromised, that means 15 per cent of all breaches against Irish companies were to steal data. In one case, the stolen information related to bidding details for a tender which were then leaked to the victim’s competitors.

Verizon’s report found that 58 per cent of data theft in 2011 was caused by hacktivists – cyber attackers motivated by political ideology rather than criminal financial gain.

Just one such hacktivist attack was recorded in Ireland during 2011, against the Fine Gael website before the general election. One other Irish site was defaced to show a message in support of the Kurdish people in Turkey. Brian Honan, head of Iriss-Cert, said that since no group admitted responsibility, proving a motive in such cases is difficult.

“If you look at the modus operandi of hacktivist groups, they would attack or deface a site and then announce it on Twitter,” he said.

Iriss-Cert’s figures only refer to incidents that were reported to the group, Mr Honan added. Statistics from the Zone-H cybercrime archive show that Irish websites are defaced regularly, suggesting that in many cases, the website owners do not report the incidents to security groups.

Mr Honan said having more information about attack types made it easier to identify trends and inform businesses of action to defend themselves. “There are a lot of other breaches happening but because they are not reported to us, we cannot analyse them for trends,” he said.

In Ireland and internationally, the report found no examples of new types of attacks, many of which rely on exploiting old weaknesses such as poor password management or systems not being patched with the latest security updates.