Cybercriminals targeting smaller Irish businesses rather than State bodies

Cybercriminals targeting smaller Irish businesses rather than State bodies

The HSE suffered a devastating cyber attack in May 2021. 

Businesses are being warned that small- and medium-sized companies are increasingly being targeted by cybercriminals launching ransomware attacks

The National Cyber Security Centre (NCSC) and Garda National Cyber Crime Bureau (GNCCB) have sent out a letter warning business owners that they are becoming the focus of attacks, rather than state bodies, larger organisations or critical infrastructure.  

"Recently there have been several smaller Irish businesses impacted by ransomware,'' the letter stated.

Richard Browne, the director of the NCSC, said that the centre has been dealing with the threat of ransomware for some time, but the focus of attacks has now notably shifted. 

"We have seen a noticeable change in the tactics of criminal ransomware groups, whereby rather than largely focusing on governments, critical infrastructure and big business, they are increasingly targeting smaller businesses. 

"This is a trend that has been observed globally, and Ireland is no exception with several businesses becoming victims of these groups in the past number of weeks," he said. 

Mr Browne said that there are precautions that businesses can take in an effort to try and protect themselves. They have been published on the NCSC's website. 

“Whilst we appreciate that many business owners are understandably nervous of the threat ransomware poses, there are some straightforward security measures that can be put in place to ensure that an organisations data and systems remain secure," he said. 

Cyber authorities have cautioned business owners against actually making payments to attackers. 

Detective Chief Superintendent Paul Cleary, the head of the GNCCB, said that there is no guarantee that paying a ransom will lead to your data being successfully decrypted or prevent the data from being leaked online. 

"In fact, it may lead to your organisation being targeted again, with some research showing that up to 80% of organisations that pay are attacked again," he said. 

Mr Cleary encouraged business owners to report the incidents to cyber authorities. 

"Reporting incidents allows us to fully investigate these cyber-crimes and helps us to identify trends and methods used by attackers so we can provide cyber safety and network protection advice to the public and the corporate sector," he said. 

Sven Spollen-Behrens, the director of Ibec's small firms association, which represents businesses with less than 50 employees, said that the warning that has been issued echoes the concerns that he has heard from members. 

"The advice provided is very helpful and we’re eager to work with the authorities to ensure our membership are putting in place the right protections to defend against these attacks," he added. 

Ransomware is a type of software designed to block access to a computer system until a sum of money was paid. Often gangs will also threaten to release sensitive information unless the money is paid. Most notably, in 2021 the HSE was the victim of a large scale ransomware attack that crippled IT systems and sorely impacted the health service which was already reeling from the pressures of the Covid-19 pandemic. 

More in this section

Puzzles logo

Puzzles hub

Visit our brain gym where you will find simple and cryptic crosswords, sudoku puzzles and much more. Updated at midnight every day. PS ... We would love to hear your feedback on the section right HERE.

Let Me Tell You

Let Me Tell You is a new bespoke podcast series from 

Logo IE

Hosts Daniel McConnell and Paul Hosford take a look back at some of the most dramatic moments in recent Irish political history from the unique perspective of one of the key players involved.

Bespoke political podcast series from

Logo IE
Execution Time: 0.222 s