Digital

How safe is your data?

eolas highlights the growing prevalence of cyber attacks in Ireland.

While cyber attacks may seem like a rare occurrence in Ireland, they can and do happen. A recent survey of IT professionals revealed that Irish businesses and public sector agencies spent on average €240,000 in the past year to tackle cyber crime and security breaches.

The survey, produced by IT security company Ward Solutions, questioned 263 senior IT professionals working in large enterprises, small businesses and public sector agencies in Ireland. The average cost included the cost of protecting data, responding to incidents and repairing damages caused by hacking, identity theft, malware and other forms of cyber crime.

The survey also found that one in two respondents suffered an attempted spear phishing attack. These attacks target specific individuals who often have authority to make funds transfers. The messages these individuals receive include a personalised cue making them appear genuine therefore increasing the chances the recipient will mistakenly give money to a third-party bank account or download malicious software. While the success rate of such attacks is low, any success can be very damaging to the victim.

Phishing attacks are just one of many types of cyber crime to be aware of. In early January, Government websites came under a sustained external cyber attack. As a result of this attack a number of departments and agencies, including the HSE, the Central Statistics Office, the Department of Justice, the Courts Service and the Department of Defence saw their websites taken offline for a short period of time.

A spokesperson for the HSE confirmed the entire Irish government network experienced an attack by a third party known as a distributed denial-of-service (DDOS) attack. A DDOS attack is an attempt to make an online service unavailable by overwhelming it. This comprises of a massive amount of attempted data connections directed towards the network that is designed to flood the available channels, disrupting the website’s ability to communicate and as a consequence, operate.

While attacks on this scale may be rare, according to the Irish Computer Society a third of data protection professionals admitted to having experienced a data breach in the past 12 months. The society’s nationwide survey asked data protection professionals about the safety of data held within their organisations. Although 87 per cent of respondents stated their organisations had a information security policy in place, 33 per cent claimed that they had experienced a data breach in the last 12 months.

However, this does not necessarily mean that an external cyber attack occurred as 45 per cent of respondents stated that employee negligence is the biggest threat to their organisation’s cyber security, ahead of external attackers and end user devices containing sensitive data. To address this problem the survey recommended formal training as the best approach to educating end users about data protection practices.

The Irish Computer Society also notes a general malaise amongst organisations to their cyber security provisions ahead of the implementation of the new EU General Data Protection Regulation with only 40 per cent of data protection professionals stating that their organisations have taken the necessary steps to adapt.

Show More
Back to top button