The short answer is – yes! But ESET Ireland takes a closer look at how to go about reporting cybercrime.
Ireland is increasingly under attack by scammers, ransomware and other types of online financial fraud. Most victims, however, worry most about restoring their data or securing their credit cards, rather than reporting the incident to the authorities.
ESET Ireland inquired with An Garda Síochána, how cybercrime victims should go about reporting cybercrime. Sergeant Tony Connaughton of the Garda Press Office responded: “If anyone feels that they have become a victim of a crime they should report it to their local Garda Station where it will be fully investigated.” The victim of a cybercrime should provide the Garda Station with an Injured Party Statement, either for themselves or on behalf of their company and an investigation will proceed.
An Garda Síochána also run a Bureau of Fraud Investigation, that investigates serious and complex cases of commercial fraud, cheque and payment card fraud, counterfeit currency, money laundering and computer crime. Unfortunately, they were unable to tell us any statistics on the cases of cybercrime reported or solved.
If a data breach occurs and impacts the personal data of individuals, the issue should be reported to the Office of the Irish Data Protection Commissioner. Note that currently this is not mandatory but is recommended as a Code of Conduct.
There is another organisation in Ireland, that deals with cybercrime, though it is mainly focused on business, rather than end-users. It is called IRISSCERT or Irish Reporting and Information Security Service – Computer Emergency Response Team. Security breaches can be reported to IRISSCERT who will work with other CERTs to assist in responding and dealing with a security breach. For instance, if a phishing website needs to be taken down in another jurisdiction, IRISSCERT will contact the CERT in that jurisdiction and request their assistance in taking down the offending site.
Brian Honan from IRISSCERT told us that: “In 2015 we had over 25,000 incidents reported to us. We do not have any visibility if there have been any successful prosecutions, as we do not report the issues to An Garda Síochána. This is the responsibility of the victim company.”
But why is it important to report cybercrime incidents to the authorities? Brian Honan explains: “If more companies reported cybercrime it would have a significant positive impact on the overall security landscape. It would provide An Garda Síochána, and more importantly the policy makers, with visibility into the scale of the problem and subsequently ensure the appropriate resources are applied. It also means that An Garda Síochána can share information with other law enforcement agencies in other countries which will lead to a higher likelihood of those behind these crimes being prosecuted.”
by Urban Schrott, ESET Ireland