Irish businesses are facing new security threats from malicious users as denial of service attacks and “ransomware” become more common, new research said.
The threats were revealed in a report released ahead of an annual conference on cybercrime held in Dublin today by the Irish Reporting & Information Security Service (IRISSCERT).
The report revealed that although the number of attacks had fallen overall, there was a significant change in the type of threats facing Irish businesses.
“We still have the traditional threats of computer virus infections, security breaches, website defacements and hijacking to host malware or phishing sites,” head of IRISSCERT Brian Honan said.
“However, this year we are seeing a trend in the use of Denial of Service attacks against organisations. Some of these attacks can be attributed to hacktivist activity, but for others the motive is not so clear and could be criminal elements looking to extort businesses.”
Ransomware is where a company’s systems are infected with malicious software, encrypting the data on the server and affecting a company’s back-ups. To recover the data, victims are told they must pay, with some amounts demanded as high as €3,000, or else the data will be deleted or left encrypted.
Mr Honan said these type of attacks were being targeted at SMEs in particular, as many lack the expertise to deal with the threat.The study revealed six separate incidents of companies being targeted in this way.
Mr Honan said in total, there were 429 incidents reported to IRISSCERT in 2012, slightly lower than the 441 for the same period last year.
Denial of service attacks have risen two-fold.
Phishing, where users are fooled by into handing over sensitive details such as passwords, remains the main form of attack, with websites being hijacked to host phishing sites to target customers of financial institutions. There were 315 attacks reported to IRISSCERT in 2012, down almost a quarter on last year.
This year’s conference, which was held in the Clyde Court Hotel, is also being used by companies to recruit experts in the security industry, with a shortage of skills in the area.
Separately, the EU security agency ENISA is publishing a report on 30 different digital traps, or “honeypots”, that can lure attackers and help detect online attacks.
The honeypots mimic real computer systems, applications and data, and are monitored for malicious activity. The study looks at 30 of the traps across a number of different categories, and evaluates their shortcomings, deployment barriers and their future.
“Honeypots offer a powerful tool for CERTs (computer emergency response teams) to gather threat intelligence without any impact on the production infrastructure,” said executive director of ENISA Professor Udo Helmbrecht.
“Correctly deployed, honeypots offer considerable benefits for CERTs; malicious activity in a CERT’s constituency can be tracked to provide early warning of malware infections, new exploits, vulnerabilities and malware behaviour, as well as give an opportunity to learn about attacker tactics.