Pictured (L-R): Paul C Dwyer, president of the International Cyber Threat Task Force; Michael O’Sullivan, chief superintendent, An Garda Siochana; and Rhonda Reihill, director, International Cyber Threat Task Force
Delivered as an executive master class by a global panel of cyber security experts, delegates learnt the latest cyber intelligence and the counter measures to cyber threats at the recent Dublin Cyber Threat Summit.
Speakers addressed the current cyber-threat landscape and strategies to protect individuals, children, business and enterprise, as well as tackle cyber-risk in financial services.
Chaired by Miriam O’Callaghan, the one-day conference was attended by 350 delegates, including business CEOs and CIO/ CISOs from across Ireland, the UK and Europe, as well as cyber security and technology companies, and Government and public service agencies.
Grainia Long, CEO of ISPCC, WAS awarded ‘Cyber Safety Ambassador of the Year’ by the ICTTF for her outstanding contribution of increasing the cyber safety for children online at the event.
Fraud, identity theft, ideological propaganda, intellectual property theft, industrial espionage, service disruption, physical damage and blackmail is just a selection of the frightening and very real threats Irish businesses face from cyberspace, according to the organisers of the sixth International Cyber Threat Task Force Summit that took place in Dublin’s Mansion House.
Global financial losses caused by cybercrime are at least €350bn a year, and are expected to reach €1.89tn by 2019, according to European Commission reports, and cybercrime has led to the loss of around 150,000 jobs in Europe alone.
Data is the new cash, believes Paul C Dwyer, president of the International Cyber Threat Task Force (ICTTF). “Businesses and State agencies are struggling to keep up with what is a very dynamic threat. Cybercrime is a massive global business and as soon as cyber security specialists put new defences in place, attackers will find a way to circumvent them,” said the cyber security expert.
Ireland is no exception, with major cyber-attacks, supported in some cases by nation States, taking place with an increasing frequency. 14% of the cyber-attacks investigated in Ireland last year were via the supply chain. In other words, the bad guys identified a supplier as the easiest route to their target.
Extortion is rife via ransomware and so called ‘romance scams’, Paul C Dwyer insists. “With ransomware, the victim’s data is completely scrambled beyond recognition. They are forced to pay a ransom to the criminals in order to get a password to unscramble their data,” he commented.
“Romance scams involve duping a targeted employee into a fictitious romance online. Eventually, they raise the stakes and share nude photos or other compromising material. The victim responds with similar material and, from that stage, they soon realise they are being blackmailed. In most cases, the bad guys want access to information about key process or internal systems in the organisation the victim works for, and they agree not to share the photos if the victim complies,” said Dwyer.
In the survey from March last year, 57% of Irish people admitted to opening emails from people they don’t know. Only 26% of Irish internet users said they regularly changed passwords, and 75% of Irish surveyed used the same password across different sites and online services.
Victims of cybercrime here were slightly above the EU average. 9% of Irish Internet users had been victims of identity theft, 10% fell victim to bank card or other online banking fraud, and 7% suffered ransomware attacks, having to pay criminals to restore access to their own device.
Cyber ransom in Irish tech companies is also becoming more common, the Dublin Summit heard.
Hackers infiltrate a technology company’s network, and then offer their services at massive fees, to help the business ‘close their security gaps’, rather than be publically embarrassed and lose custom, it seems.
The ICTTF Summit on September 7th also heard how, on top of the pressure to deal with the battle against cybercrime, corporate Europe also has to comply with a plethora of new EU ‘cyber’ legislation.
Similarly, European law enforcement agencies, which are a major line of defence against coordinated criminals, are struggling to keep their highly skilled teams, as they are being tempted by more lucrative roles in the private sector.
The ICTTF is a not-for-profit global project founded by the Irish cyber security expert, Paul C Dwyer. Now with nearly 4,000 members from over 100 countries, the ICTTF sixth annual Cyber Threat Summit explored the dangers facing companies and organisations, large and small.