European Cyber Security Month 2023

Aim

The aim of Cyber Security Month is to raise awareness of cybersecurity threats, promote cyber security among citizens and organisations; and provide resources to protect themselves online, through education and sharing of good practices.

European Cyber Security Month (ECSM)

Background

European Cyber Security Month (ECSM) is coordinated by the European Union Agency for Cybersecurity (ENISA) and takes place each year during the month of October. ENISA’s press release for European Cyber Security Month can be found here, While the dedicated page for the month is https://cybersecuritymonth.eu/.

The campaign is supported across Europe by Member States, which organise numerous activities including conferences, workshops and webinars. They also utilise awareness-raising material on social media to encourage good practices in relation to cyber security and cyber hygiene.

This year’s campaign

During October, the NCSC will share content from ENISA on three particular types of social engineering being carried out by criminals, namely phishing (fraudulent emails), smishing (fraudulent text messages) and vishing (fraudulent phone calls).

These are all forms of social engineering carried out by criminals in an attempt to gain sensitive information or money from potential victims. We’ve produced three short videos on the three methods mentioned above to give you advice on steps you can take if your targeted in such a way.

Suspicious Emails

Suspicious Phone Calls

Suspicious Text Messages

Over the course of the month, the NCSC will be tweeting links from @ncsc_gov_ie to resources, to raise awareness about the cyber security topics.

Social Engineering

Social engineering is aimed at talking a target into revealing specific information or performing a specific action for illegitimate reasons. Social Engineering can target anyone, regardless of their age or profession. Empowerment is key with regards to cyber security and safety online. The vast majority of individuals have the knowledge to carry out their online activities safely and securely. However, actors seeking to target them are becoming increasingly adept at creating situations that simulate a false sense of urgency for those they are targeting.

Messages or phone calls often have artificially manufactured time-limits attached “if you do not pay your e-toll in time you will be brought to court”. The pressure created by this technique leads to individuals acting in a way they wouldn’t normally. Accordingly, this year’s campaign is all about slowing down and asking yourself “is this contact genuine?”

The easiest way for fraudsters to acquire someone’s personal information is directly through the individual.

What steps can I take to reduce my risk?

The best way to protect yourself is to not give this information away no matter how plausible the request. Cyber criminals are non-discriminatory, however paying attention to details and thinking before clicking to reply is a proactive step that can be taken to counteract their efforts.

Similarly, using multi-factor authentication (MFA), secure passwords, back-ups, and updating devices empowers people to take control of their own online safety and protect themselves from potential attacks.

Additional Resources

The Cyber Security Month website is available at the following link: https://www.cybersecuritymonth.eu and their Twitter handle is @CyberSecMonth.

You can also find more information on An Garda Siochana's Twitter feed @gardainfo. and on the GNCCB webpage.

NIS2 Awareness Raising

We have also produced material in advance of the national transposition of NIS2 in the shape of a number of quick reference guides which can be found in the links below.

  1. NCSC NIS2_Introduction
  2. NCSC NIS2_Essential and Important Entities
  3. NCSC NIS2_Sectors in scope
  4. NCSC NIS2_Incident Notification
  5. NCSC NIS2_Cyber Security Risk Management Measures
  6. NCSC NIS2 Essential and Important Entities - Supervision
  7. NCSC NIS2 Enforcement and Penalties
  8. NCSC NIS2_Management Responsibilities

GNCCB

The Bureau is the national Garda unit tasked with the forensic examination of computer media seized during the course of any criminal investigations.

The unit also conducts investigations into cyber dependent crime which are significant or complex in nature network intrusions, data interference and attacks on websites belonging to Government departments, institutions and corporate entities.