The agencies responsible for combating cyber-crime say criminal ransomware groups are increasingly targeting smaller businesses, instead of Governments and critical infrastructure.

The National Cyber Security Centre (NCSC) and the Garda National Cyber Crime Bureau (GNCCB) describe this as a “noticeable change” in the tactics of such groups.

Both agencies advise businesses not to make ransom payments to criminal groups, as there is no guarantee that paying a ransom will lead to data being successfully decrypted.

The two bodies yesterday (4 October) launched a joint public-awareness campaign to mark European Cyber Security Month.

Phishing focus

As well as ransomware, this year’s campaign focuses on phishing – emails used to lure people into disclosing personal details or clicking on malicious links, which are then used by cyber-criminals to gain access to a computer or network.

The campaign is aimed at urging vigilance, and outlining the potential impacts of these types of cyber-crime on the everyday lives of Irish citizens and businesses.

Throughout October, there will be a particular focus on the elderly on how to avoid becoming a victim of email phishing, how to spot the tell-tale signs of these types of emails, and what to do if a person has fallen victim to such an attack.

Paul Cleary (Assistant Garda Commissioner, pictured) said that there had been an increase in ransomware attacks against businesses, where payments were demanded to regain access to critical data systems.

“The impact of these types of crime can be significant where companies are no longer able to function, and recovery costs are potentially severe,” he said.