Security experts warn of cyber attacks following invasion of Ukraine

Irish consumers and businesses advised to be on high alert for cyber attacks

Security experts said there could be an escalation in cyber attacks in the coming weeks, with companies linked to Ukraine possible targets. Photograph: Getty Images/iStockphoto

Irish consumers and businesses have been advised to be on high alert for potential cyber attacks following Russia's invasion of Ukraine and should "treat the internet as hostile" in the coming days and weeks.

Security experts said there could be an escalation in cyber attacks in the coming weeks, with companies linked to Ukraine possible targets. They said there was a possibility that criminals could try to take advantage of the disruption caused by the conflict.

Security consultant Brian Honan said there was no evidence of a direct threat to Irish businesses and organisations from a cybersecurity point of view.

However, he said there were other things that companies needed to consider including the potential risk from companies in their supply chain linked to Ukraine, such as software development companies or providers that are likely to be offline or unavailable.

READ MORE

“We know there has been several DDOS attacks launched against Ukrainian government websites and financial sites in the past,” he said.

“There’s a new computer virus discovered in the past 48 hours that is wiping systems in Ukrainian organisations. That has been seen to spread to other countries. The problem with computer virus attacks is that they are very hard to contain. Cyber weapons are not precise; they’re not easily controlled and could cause damage elsewhere.”

The NotPetya attack in 2017 was conducted primarily against businesses working in Ukraine, but the resulting attack caused several billion euro of damage globally.

Misinformation is also a risk, along with criminals latching on to the crisis to con people out of money or personal details, through phishing emails claiming to be from international aid organisations, or through infected videos or emails claiming to provide information on the crisis. Russian-based ransomware gangs may also be given more leeway, experts warned.

Escalation expected

Speaking on RTÉ Radio One's Today with Claire Byrne, Smarttech247 chief executive Ronan Murphy said he expected a "significant escalation" from a cyber perspective.

"We are seeing everywhere, Ireland and North America included, the amount of cyber activity globally has increased very significantly," he said. "We're warning everybody to be uber alert, to be extremely careful, to treat the internet as hostile in everything you do over the coming days and weeks."

He said companies should treat links and emails with caution.

“Be careful what you open, what you click on, what links you follow, what information you read – it’s so multifaceted in terms of the risk that people face and that governments face.”

The National Cyber Security Centre issued an advisory last week saying the risk to Irish entities from a targeted nation-state attack relating to current events in Ukraine was low. However, it warned Irish companies could be affected by events “downstream of any primary targets in the region”.

"NCSC-IE would particularly advise organisations with operations based in Ukraine and Russia to take time to analyse/audit third-party supply contracts, test their incident response plan and to harden their organisations security posture," it said. "Previous state-backed cyber operations in the region have caused significant disruption to some Irish-based entities in the past."

Ciara O'Brien

Ciara O'Brien

Ciara O'Brien is an Irish Times business and technology journalist