Irish companies may have been caught in a cyber espionage campaign waged by a sophisticated group of hackers, one expert warned at the weekend.
Professional services firm PwC and BAE Systems collaborated with the UK's national cyber security centre to identify a new hacking campaign designed to steal key information from thousands of businesses.
Pat Moran of PwC Ireland has warned that businesses in the Republic could have been hit in the attack. "While we do not know specifically the impact on Irish-based companies, what we do know is that there is every possibility that if Irish companies have their corporate data held by managed IT service providers they should investigate immediately to see if their data has been compromised," he said.
Mr Moran added that many large international organisations were hit by the campaign, which PwC and BAE believe was led by a group known as APT10, which employs sophisticated techniques to steal information from companies and large organisations.
Sensitive information
The group targeted businesses that manage IT services for large numbers of clients. This allowed them to tap into sensitive information and assets such as intellectual property held by these companies.
“As result of the recent APT10 attack, I would advise all Irish organisations who have third-party relationships with managed service providers to ascertain if their data has been breached through discussions with their providers,” Mr Moran said.
The Republic has recently established a National Cyber Security Centre to prepare for the Network Information Systems Directive that will come into effect in May next year.
This is designed to aid the State in repelling attacks such as the one uncovered by PwC and BAE.
Mr Moran said that defending organisations against such attacks would require collaboration between private and public sector organisations that have the skills required for this work.