Irish communications regulator under threat from Russian hackers: reports

A Russian cyber-crime gang has threatened to publish private information stolen from ComReg, the Irish communications regulator, according to reports.

The group, known as Cl0p, said on Tuesday it has 143 gigabytes of ComReg data which was stolen in a ransomware attack on the Government agency in May.

ComReg is responsible for regulating communications companies, including internet service providers, broadcasters and mobile phone providers. It holds large amounts of sensitive data relating to the telecommunications industry. 

The agency was one of many organisations targeted in a cyberattack by the Cl0p ransomware group which is based in Russia. The group carried out the attack by exploiting a weakness in Moveit, a file transfer system used by ComReg.

ComReg said last month a “relatively small number” of its files were impacted. “Of these, an even smaller proportion concerned either personal data or confidential commercial information that had been provided to ComReg by regulated entities.”

According to a report in The Irish Times, it is understood the agency has drafted in a private cyber security company to help respond to the attack. The Garda National Cyber Crime Bureau is also investigating and the Data Protection Commission has been notified.

Last month, ComReg wrote to various telecommunications companies to inform them their data had been stolen.

“The NCSC is aware of the recent cyberattack on the secure file transfer platform ‘MoveIt’. The NCSC does not comment on operational issues,” said a spokesman for the Department of Communications, which oversees the NCSC. 

Commenting on the latest development, Fergal Lyons, cyber security specialist at Centripetal, said: “The MoveIt cyber-attack continues to have severe consequences on a global level. This incident has resulted in a significant disruption of services, causing financial losses and damaging the organisation’s reputation.”

“The attack also raises concerns about the overall vulnerability of critical infrastructure and highlights the need for stronger cybersecurity measures across industries. This is a great opportunity for enterprises across the world to re-evaluate their cybersecurity tech stack to ensure that they deploy a proactive approach to cybersecurity.”