Garda systems hit by ‘zero day’ attack
8 August 2016
The IT systems of An Garda Síochána were subject to a malware attack on Thursday, 4 August 2016.
The attack was described by a Garda spokesperson as a “zero day” attack, which some reports say led to some systems being shut down.
A Garda statement said that an “appropriate solution” had been implemented.
An investigation is now underway to ascertain the cause, origin and extent of the attack.
“Heightened security procedures were implemented and standard protocols were enforced across all Garda ICT environments to limit any effect on our systems,” said a Garda spokesperson.
“Working with security experts the threat was identified and an appropriate solution was implemented across all Garda Síochána Information and Communications Technology systems,” said the spokesperson.
“An Garda Síochána are continuing our investigation into the incident.”
Though it is thought that no data was compromised during the attack, the incident is being investigated by Gardaí from the Computer Crime Unit of the Garda Bureau of Fraud and Investigations.
While the motives for any such attack are as yet unclear, there has already been speculation by some security experts, via Twitter, that it may have been an attempt at a crypto-malware infection.
This kind of attack, if successful, would have meant attackers could have encrypted vital Garda data, allowing them to issue ransom demands for decryption. While such attacks have been more commonly seen in the healthcare sector, increasing sophistication in malware is opening up possibilities for new attacks.
A report from Kaspersky Labs has found that there has been a sharp rise in the incidence of crypto-malware, or ransomware, attacks on corporations. Corporate users represented more than 13% of all ransomware victims between April 2015 and March 2016, nearly double that of the year before, said the report.
Should the Garda incident prove to be a ransomware attack, it would represent a worrying new trend in the targeting of such attacks. However, it is not unusual for public bodies to be hit by cyberattacks. In January of this year, several government web sites were the subject of a distributed denial of service (DDoS) attack that saw some go offline.