Waiting to strike: Hackers are 'sitting on' computers of small businesses

He said this cyberattack, known as “post-compromise cryptoware”, enabled hackers not just to access specific information that they target, but the entire system.

“They are sitting on a system, they are crypotwaring everything, then one morning they pull the plug and they demand a ransom for everything," Mr Browne said.

"We have seen that kind of activity here in small businesses, in solicitors’ offices.” 

He said it was “very difficult” for small firms to come back from that and it was one of the areas the Department of Communications and the National Cyber Security Centre was prioritising in October, European Cyber Security Month.

Mr Browne, head of the department’s internet policy section, said of the 2,500 cyber incidents identified by the NCSC about 20% relate to fraud and half of them to phishing - fraudulent attempts to get personal data by pretending to be a trustworthy authority.

He was commenting at the online launch of a major piece of research, Cybercrime: Current Threats and Responses, that was commissioned by the Department of Justice.

The 158-page report, authored by Sheelagh Brady and Caitríona Heinl, said cybercriminals “may find Ireland an attractive target” given the concentration of major tech corporations and data centres here.

It said there was also a potential threat from hackers sponsored by other states in the theft of intellectual property given the high levels of R&D here.

It said Ireland “may have more to lose” than other countries attacked given the loss of confidence from outside investors.

The report highlighted the “lack of resourcing” of An Garda Síochána and the very low number of cyber-related prosecutions.

It said gardaí told researchers that cybercrimes “may be underreported to a greater degree than other crimes”.

It said gardaí had noted that small and medium enterprises “do not report such crimes because their main priority is to keep their business up and running when such crimes occur”.

Speaking at the event, Detective Chief Superintendent Paul Cleary, head of the Garda National Cyber Crime Bureau, said there was an “element of reluctance” on the part of businesses, institutions and individuals to report cybercrimes.

“We have to make it easy for people to report these crimes; currently we are looking at a mechanism for online reporting of non-urgent crimes,” he said.

He said they had recently trained 220 gardaí nationally to act as “digital first responders” in local areas, trained to take statements and preserve evidence.

He said prior to Covid-19 restrictions, students at the Garda College in Templemore were also being trained on cybersecurity.