Minister of State at the Department of the Environment, Climate and Communications, Ossian Smyth, Minister for Justice, Helen McEntee, and Assistant Garda Commissioner, Paul Cleary, have launched a joint public awareness campaign for October’s European Cyber Security Month. This year’s campaign focuses on the twin themes of phishing and ransomware, urging vigilance and outlining their potential impacts on the everyday lives of Irish citizens and businesses. The campaign is being jointly promoted by the National Cyber Security Centre (NCSC), and the Garda National Cyber Crime Bureau (GNCCB).
Over Cyber Security Month, which runs throughout October, the NCSC will raise awareness of phishing and ransomware across online and traditional channels. This will take place alongside work by the GNCCB. Both bodies are engaging with target audiences — for example, the elderly and SME businesses — to highlight the risks involved and the steps that can be taken against both phishing and ransomware attacks.
Phishing emails, used by attackers to lure people into disclosing personal details or clicking on malicious links, are used by cyber-criminals to gain unauthorised access to a computer or network. Hackers continue to design smarter and more sophisticated phishing emails, in the hope of gaining people’s trust and pressuring them into acting without thinking.
Throughout October a key focus will be on informing the public, in particular the elderly, on how to avoid becoming a victim of email phishing, how to spot the tell-tale signs of these types of emails and what to do if a person has fallen victim to an e-mail phishing attack.
Commenting on the launch, Minister McEntee said:
“I know I am not alone in being bothered by fake calls and text messages, and I share people’s frustrations at having to fend off these criminals and their often sophisticated scams. The simple truth is that the same technological advancements that have made our lives easier in so many ways also open us up to new forms of criminality. And, by its nature, those seeking to take advantage of today’s global connectivity often sit outside the easy reach of domestic law enforcement. That is why we need to do everything we can to help people and businesses protect themselves.
“The ability of international criminal gangs to launch ransomware attempts against Irish entities from anywhere in the world reinforces the importance of having well-designed and resilient cybersecurity procedures and systems in place.
“European Cyber Security Month is a valuable opportunity for us all to work together to raise awareness of the dangers of cybercrime and try and protect those most at risk. And the continued expansion of the Garda National Cyber Crime Bureau and the National Cyber Security Centre under this government demonstrates our commitment to doing so.”
Tactics of criminal ransomware groups
The second area of focus is ransomware. The focus will be on the stages of a ransomware attack chain, the impacts they have, and the important actions that can be taken in ‘breaking the chain’ and stopping an attack from occurring. Previously issued guidance will also be promoted, including a ‘Cyber Vitals’ checklist and ‘12 Steps to Cyber Security for businesses’ — to help to build and improve their cyber resilience (to defend against ransomware attacks).
The NCSC and GNCCB have seen a noticeable change in the tactics of criminal ransomware groups, whereby rather than largely focusing on governments, critical infrastructure, and big business, they are increasingly targeting smaller businesses. Both agencies advise that ransom payments should not be made to criminal groups, highlighting that there is no guarantee that paying a ransom will lead to your data being successfully decrypted or prevent the data from being leaked online.
The NCSC and GNCCB will take part in a webinar on ransomware hosted by IBEC and the Small Firms Association during the second half of October. The webinar will involve panel discussions on key cyber-security challenges and what key steps businesses can take to defend against these types of online crimes. In addition, the Bureau will take part in a series of roadshows around the country organised by ISME to discuss cyber risks and awareness from the small and medium enterprise business sector. Full details of locations and dates are available on the ISME website (Click Here to Access Website). Similar support is being provided by Age Action and Age Friendly Ireland, who will use their networks to get the European Cyber Security Month 2022 cyber safety message out – to senior citizens and the wider community.
The NCSC will conduct several briefings for Operators of Essential Services (OES) and government departments to raise awareness of Cyber Security threats during October. The NCSC will also host the first session of the Cyber Ireland National Conference on Enhancing Resilience in an Uncertain World on 5 October.