Irish organisations failing on infosec basics
IRISSCon hears that increasing threats and sophistication still met with poor basic security measuresPrint
25 November 2014 | 0
Amid a wealth of security-related information on the Irish information security landscape, Brian Honan, director of the Irish Reporting and Information Security Service (IRISS), at its annual conference warned that Irish companies are still failing on the basics of information security.
Honan said that in 2014, there had been 6,534 incidents so far, up from 5,802 in 2013. Of these 2014 incidents, Honan said that 43% were Irish sites hijacked to host malware to attack other sites. Nearly a quarter (23%) were outbound distributed denial of service (DDoS) attacks, with nearly a fifth (19%) hosted phishing attempts. Worryingly, some 75% of the incidents were attributable to organised crime.
Honan highlighted the cost of security breach, with one Irish business last year suffering a €50,000 loss through a targeted phishing attack.
“We are failing on the basics,” said Honan.
However, Honan also used the platform to announce that IRISS is now partnering with OpenDNS, a provider of secure domain name services, to provide threat intelligence about new and emerging threats for Irish organisations.
IRISSCERT, the computer emergency response team of IRISS will use OpenDNS Investigate to alert and protect Irish businesses and other organisations from malicious domains that are hosting malware, phishing sites and botnet command-and-control (C&C) infrastructure. OpenDNS will use threat intelligence data shared by IRISSCERT to support its ongoing research into malicious online activity around the world.
“Visibility into emerging threats, as they are being staged, is a critical first step in staying ahead of Internet attacks and limiting their damage,” said Andrew Hay, senior security research lead and evangelist at OpenDNS. “We are pleased to be announcing this intelligence sharing relationship with IRISSCERT so they can use OpenDNS solutions for early detection, response and remediation of threats in Ireland. Meanwhile, we will also benefit from increased visibility into ongoing attack campaigns that are affecting Irish organisations.”
“IRISSCERT is committed to helping businesses and consumers better protect their information systems, and making Irish Internet space a safer environment for all,” said Brian Honan, founder and director, IRISSCERT. “This partnership with OpenDNS will dramatically improve our ability to predict and head off emerging threats before they can cause widespread damage. Rather than having to rely on vendor reports that expose threats after the fact, OpenDNS lets us see the attacks as they happen.”
The scale of the cybersecurity challenge was highlighted by another speaker, Paul Gillen, head of operations, European Cyber Crime Centre (EC3), Europol.
For the full report, see the December edition of TechPro magazine, out 9 December.