‘What­ever you are spend­ing on cy­ber se­cu­rity is not enough’

Irish Examiner - - News - Joe Leogue

Ir­ish peo­ple need to be more guarded in their so­cial me­dia ac­tiv­i­ties, and busi­nesses are not in­vest­ing enough in their IT se­cu­rity, one of the Garda’s top cy­ber crime de­tec­tives has warned.

“What­ever you are spend­ing on cy­ber­se­cu­rity is not enough,” De­tec­tive Su­per­in­ten­dent Michael Gub­bins of the Garda Cy­ber Crime Bureau told a con­fer­ence on cy­ber fraud in Univer­sity Col­lege Cork yes­ter­day.

The con­fer­ence, Hack­ing the Hu­man: Cy­ber Fraud in a Dig­i­tal Age, heard that cy­ber fraud is un­der-re­ported at both cor­po­rate and in­di­vid­ual level, and that busi­nesses suf­fered ran­somware at­tacks such as the NotPetya virus which locks a user’s com­puter un­til a ran­som is paid to the hack­ers re­spon­si­ble.

Det Supt Gub­bins said few such at­tacks are re­ported to the Garda Cy­ber Crime Bureau.

“Some­one came to me af­ter a sim­i­lar talk to this and said: ‘Ac­tu­ally, I know a cou­ple of com­pa­nies, they were vic­tims of NotPetya, it’s not widely known, it cost them a lot of money and they are still try­ing to me­di­ate,’ ” said Det Supt Gub­bins af­ter the event.

He said the is­sue is un­der­re­ported glob­ally, and that his ap­pear­ance at such con­fer­ences is to spread the word that the gar­daí have ded­i­cated re­sources to in­ves­ti­gate such crimes.

“We are there for peo­ple to re­port to us,” said Det Supt Gub­bins. “Peo­ple don’t re­port to us, we can’t in­ves­ti­gate, there­fore we can’t know or make peo­ple aware of what’s ac­tu­ally hap­pen­ing.

“We want peo­ple to re­port to us so we know what’s go­ing on so we can build up our own ex­pe­ri­ence.”

The pub­lic needs to be wary of “so­cial en­gi­neer­ing”, h e s a i d — a s i t u at i o n whereby crim­i­nals will look to use in­for­ma­tion posted on so­cial me­dia to pose as an in­di­vid­ual to scam their con­tacts.

“It’s about be­ing con­scious of the in­for­ma­tion you are giv­ing out, and to whom you give it,” said Det Supt Gub­bins.

“If you look at some­one’s LinkedIn ac­count it tells you who they are, who they work with, and the peo­ple who are con­nected to them.”

Rosie Cof­fey, UCC’s IT se­cu­rity of­fi­cer, told the con­fer­ence of how fraud­sters hit UCC’s sup­pli­ers with a pur­chase or­der scam last sum­mer, wherein the crim­i­nals posed as the univer­sity to ef­fec­tively steal high­value goods from busi­nesses.

“Hun­dreds, if not thou­sands, of re­tail­ers, ven­dors, and sup­pli­ers around Cork were re­ceiv­ing pur­chase or­ders pur­port­edly from UCC,” said Ms Cof­fey.

“They would be for high­value goods, the de­liv­ery ad­dress would be to a nonUCC ad­dress, typ­i­cally a ware­house.”

De­spite UCC alert­ing its sup­pli­ers and “fire­fight­ing” with gar­daí to spread the word about the scam, Ms Cof­fey said some fell vic­tim to the scam.

“But still some re­tail­ers in Cork did get caught out for this, and that’s how the crim­i­nals make their money,” she said.

Cy­ber­se­cu­rity com­pany SmartTech247 is to open a se­cu­rity op­er­a­tions cen­tre in Cork on Mon­day. Chief ex­ec­u­tive Ro­nan Mur­phy said its cus­tomers face a “tsunami of at­tacks” on a daily ba­sis.

He be­lieves there’s a lack of readi­ness among the pub­lic.

“That’s clear by the head­lines, if you look at them on a daily ba­sis there’s a new breach ev­ery sec­ond day,” said Mr Mur­phy.

“We’re fac­ing rogue states like North Korea which are pos­ing a big chal­lenge in terms of what they are do­ing with things like Wan­nacry [ran­somware].”

Gov­ern­ments, Mr Mur­phy warned, are “play­ing catchup” when it comes to tack­ling cy­ber crime.

“The bad guys are in­no­vat­ing faster than the good guys, I think all gov­ern­ments glob­ally have a big chal­lenge,” he said.

De­tec­tive Su­per­in­ten­dent Michael Gub­bins.

Newspapers in English

Newspapers from Ireland

© PressReader. All rights reserved.