Hi everyone, Ella here, Cyber Agent ICTTF - International Cyber Threat Task Force, with a quick cyber hit.
Last Thursday (January 20th) I tuned into
Bank of Ireland's discussion about the impact of cybercrime on Irish businesses. The dominant topic discussed was the insidious nature of ransomware attacks and how it is the deadliest and most prevalent threat to all business sizes and sectors today. Brian Halligan, Inspector at Garda National Cyber Crime Bureau (GNCCB) broke down the typical attack cycle that they see when helping victims of such attacks:
- Cyber criminals identify and target victims with carefully crafted phishing emails.
- The target clicks on the link within the email causing the system to become compromised, in the background the hackers execute the malware by leveraging and exploiting an identified vulnerability.
- The hackers will typically spend days to months mapping out the network, identifying critical data, often they will increase their privileges and set up multiple access points. These are just a few examples of what typically occurs.
- The cyber criminals will encrypt the data and may exfiltrate it, depending on their intentions.
- At this stage the system will be “down”, a ransom note will be dropped onto the system, demanding payment and typically identifying the criminal group responsible.
- The GNCCB sees ransoms being demanded in the form of cryptocurrency, typically bitcoin.
- The victim is directed to a dark web address to connect with the cyber criminals and to obtain the decryption key, which often does not happen.
GNCCB identified that multiple attacks of this nature are reported to them on a weekly basis.
I hope you found this breakdown insightful, stay tuned for more quick hits of all things cyber!
Ella O’Neill is a Cyber Agent at ICTTF
