Why are cyberattacks back in the news?
In the middle of this week Fota Wildlife Park began emailing customers who had bought tickets on its website to visit the Cork attraction telling them it had been the victim of a cyberattack. The mail urged people affected to cancel their credit or debit cards and monitor their accounts for suspicious activity.
That sounds pretty serious, is it?
It is very serious indeed. While cyberattacks are all too common, it is quite unusual for customers of any company to be told they need to cancel their credit or debit cards. That is because under well-established data protection rules companies do not store such sensitive financial details on their systems. Those rules mean that even if a company is targeted by criminals, sensitive financial details of customers are unlikely to be compromised.
So, what is different about this?
It is probably too early to say exactly what has happened here as the investigations are ongoing but according to cybersecurity experts this has the hallmarks of what they call a “man in the middle” attack.
What does that mean?
It means that instead of breaching a company’s systems and stealing mountains of data in one go, the criminals gain illegal access and quietly hoover up the key data customers input over a period of time. That means they can collect complete details of credit and debit cards as well as other details.
‘I know what happened in that room’: the full story of the Conor McGregor case
Conor McGregor to pay almost €250,000 damages to Nikita Hand after jury finds he assaulted her in Dublin hotel
Storm Bert: Status red warnings in place with Met Éireann predicting ‘intense rain’ and high winds
Ryanair rejects €108m fine for cabin luggage fees among other practices
And what can they do with that?
It depends on who is behind the attack. Low-level criminals might simply use some of the credit or debit card numbers illegally obtained to buy products online which they will then sell on different platforms in order to make some easy money.
And what about high-level criminals?
They play a longer game. They collect all the card details and then sell them in batches on the dark web.
That sounds quite sinister. How much would they sell the information for?
That very much depends on the timing. Card details have far more value when the breaches have not yet been exposed but the value falls dramatically once the company that has been targeted becomes aware of the attack and starts alerting customers. In this case, the card details that may have been illegally obtained would have had far more value on Monday of this week than they have now.
And what can I do if my card has been used by the criminals?
The very first thing you need to do if you booked tickets on the Fota Wildlife Park website between May 12th and August 27th is to contact your bank and cancel the card that was used. Then go through your statements over the same period and look out for any transactions you do not recognise. If you see any, you will have to contact your bank or credit card provider immediately and flag it.
What happens then?
It depends on the type of card that has been compromised and possibly on your bank. Credit cards often offer a greater deal of protection to consumers than debit cards but in the first instance you will need to contact your bank or card provider and find out about its processes.
Is there anything else I should be worried about?
Unfortunately, yes. While sensitive financial details are obviously of the greatest concern, in a hack of this nature, the criminals will also most likely have had access to passwords, names, phone numbers and email addresses. They will also know the IP address used when making the bookings and the devices that were used. While much of this granular information has little value in isolation, it can be sold as a job lot, and used by various criminal enterprises to target individuals for future scams.
That sounds bad, is it?
Yes. If a criminal knows your name, email address and phone number, and is aware that you like wildlife or similar amenities to Fota, they can create bespoke scams for you. International evidence suggests that the more targeted and personalised a scam, the more likely it is to succeed.
What is going to happen next?
Fota Island Wildlife park has said it has taken “immediate steps to investigate and identify what information had been accessed on our website” in order to carry out containment measures. It added that external forensic cybersecurity experts had been engaged, and the incident had been notified to the Data Protection Commission. The park said it would co-operate fully with an investigation.
And in the meantime what should I do?
If you bought tickets on the park’s website over the summer months you need to cancel your card and change your passwords if they match the one you may have used on the site. You also need to keep a close eye on your account and be mindful of any email or phone communication you get in the future that may look in any way suspect.
- Sign up for push alerts and have the best news, analysis and comment delivered directly to your phone
- Join The Irish Times on WhatsApp and stay up to date
- Listen to our Inside Politics podcast for the best political chat and analysis