Irish SMEs face Increased Ransomware Threat
Ransomware, the term used to describe a malicious act of cyber-criminality, occurs where threat actors infiltrate an organisation’s IT system and encrypt critical business data, preventing the organisation from accessing it and oftentimes causing operations to grind to a halt. The criminals will then hold that data to ransom, theoretically only releasing an encryption key after a sum of money has been transferred to them. As one is dealing with a criminal organisation, is it never wise to pay the ransom, as there is simply no guarantee that the data will ever be recovered.
Every industry is at risk from this menace of cyber-warfare, and organisations in the SME space are no exception. In Ireland, the National Cyber Security Centre (NCSC) and the Garda National Crime Bureau have warned SME owners of this increased threat of ransomware attacks.
In previous years, while smaller organisations have always been at risk from ransomware, synchronised, targeted attacks were traditionally focused at larger enterprises and government agencies because of the larger ransoms which were being paid. This paradigm seems to be shifting, with more targeted attacks directed towards SMEs.
A recent study of Irish SME business owners conducted by Datapac in conjunction with our data backup and business continuity partner Datto corroborates this. The silver lining to this unfortunate reality is that more and more SMEs are becoming aware of the potential risk to their organisation’s data, with 86% reporting concern that their organisation will become a target of cybercrime. Worryingly, of those surveyed, almost a third (31%) have already experienced data theft in the past year. To address this risk, many are turning to the expertise and advice offered by an outsourced Managed Service Provider (MSP) to help combat the threat.
At the global level, ransomware shows no signs of abating. According to a worldwide survey of mid-sized organisations, detailed in the Sophos State of Ransomware Report 2022, there was a 37% increase in ransomware attacks in 2021 vs the previous year. The report attributes the growing trend of Ransomware-as-a-Service (RaaS) as a significant contributing factor in the growth of attacks on smaller organisations. RaaS refers to the nefarious business model conducted on the dark web whereby ransomware developers will sell or rent their malicious code to buyers, who are then free to execute it on the target organisation of their choice. Acting as a perverse reflection of legitimate software companies, many RaaS developers will even provide ongoing support to their “customers”, helping them to maximise the chance of a successful infiltration and ransomware detonation. The democratisation of this criminal undertaking has significantly reduced the barrier to entry for threat actors, making it viable from a risk/reward perspective to target smaller organisations.
To help get a better understanding of the reality of ransomware, the below scenario broadly describes the steps of a successful ransomware attack which results in a ransom note appearing on your screen:
- Installation – Your machine is compromised when you click a malicious link. A common example would be clicking a suspicious link or attachment in an email. The cyber-criminal’s code is then downloaded onto your machine. By incorporating advanced stealth tactics it can evade Anti-Virus detection, enabling it to hide in plain sight.
- Call Home – The malicious code calls home over a secured covert communication channel to a server controlled by the intruders. This is bad news for you. The interlopers now have control over your environment and terrible things are just around the corner.
- Encryption Key Generation – Your machine and the malicious server generate an unbreakable pair of cryptographic keys that will be used to encrypt the victim’s files. One key is stored on your device and the other, unfortunately for you, is stored on the perpetrator’s server. Without the key on the malicious server, decryption of files is impossible.
- Encryption – The Ransomware on your machine starts encrypting files across your network. Before long, your files are scrambled, inaccessible and useless. Applications and Operating Systems crash, and production is ground to a screeching halt.
- Ransom Demand – A ransom note is displayed on your screen demanding payment in order to release the decryption key stored on the malicious server controlled by the criminals. Untraceable digital payment methods such as Bitcoin are the preferred transaction type. After a short period defined by the perpetrators, the decryption key will be deleted, making any decryption impossible.
As demonstrated in the above scenario, ransomware and other cyber attacks typically follow a predictable pattern, involving some form of reconnaissance, infiltration and eventual detonation. This series of events is referred to as the Cyber Kill Chain, and the best way for an organisation to protect itself from becoming a victim of cybercrime is to have strong, proven defences at each link of the chain. The earlier in the chain an attack can be disrupted, the less damage will be done to the affected organisation.
Unfortunately, many SMEs lack the expertise or resources to design and deliver this level of protection in-house; oftentimes becoming fixated on individual point solutions without fully considering the full implications to organisation-wide security processes and policies. MSPs can be the saving grace for many SMEs in this situation, providing the skills and expertise to strategically roadmap their cybersecurity journey and implementing best-of-breed solutions which are truly best fit for their unique requirements.
With a pedigree of excellence in the Irish market spanning over forty years, Datapac is uniquely positioned to provide SMEs with the knowledge and experience needed to secure their organisations in this uncertain time. If you would like to speak with our experts, please leave your details below for a free, no-commitment consultation from a member of the team.
Register for upcoming events
-
"At Barretstown, we rebuild the lives of children, and their families, affected by childhood cancer and other serious illnesses. We serve 5,000 campers a year and have 1200 volunteers each year. Communication is crucially important and Datapac has helped us to streamline, improve and ensure efficiency."
-
"Datapac has provided us with a fantastic product and world-class levels of service and support. Whenever people ask me about our experience with Datapac I’m always ready to sing their praises and I would happily recommend their services to any organisation."
-
"For many years Datapac has been our sole supplier for the maintenance of Personal Computers and Peripherals in Ireland. Through their Service Centres in Wexford and Dublin, Datapac provides excellent support to our businesses throughout the country and consistently meets the SLA targets which we have set. The skill, expertise and experience of their engineers and other technical support personnel are of the highest standard."
-
“The value of dealing with an HP Gold partner in this process can’t be underestimated. Datapac provide us with a local touch and can cover the full range of our IT requirements, but when there is a specific technical requirement like this, they can bring the specialist technical resources of HP to the table. HP and Datapac had a thorough discussion with us around our requirement - and had really done their homework - and then were able to provide us with a very highly specified test platform for us to prove the application on before we committed to purchase.”
-
Datapac understands our needs and requirements and has the expertise and experience to follow through on all our requests. Our constant need to reduce costs has been assisted by Datapac's ability to suggest alternative solutions and methods whilst improving both efficiency and productivity. Our partnership with Datapac is akin to having an IT department on site that we simply could not provide ourselves.