Each year, more than 400,000 visitors travel to Fota Island in Cork Harbor to visit the more than 70 species of animals residing at Fota Wildlife Park. Visitors to the 100-acre park play a role in conservationism while taking in the tranquility and wonder of nature.
Unfortunately, this summer’s visitors also played the role of victim in a massive, three-month-long cyberattack.
The park released a statement this morning, stating that their website suffered a cyberattack exposing all customers who carried out an online transaction between 12 May 2024 and 27 August 2024 to financial risk. In an email to customers, Fota Wildlife Park strongly encouraged customers to cancel credit or debit cards used to make payments on the website. They also asked customers to review relevant bank activity since 12 May 2024 and recommended that users with accounts change their password for other accounts if those accounts were linked to same email address and password.
This attack on this organisation—a non-for-profit charity—underscores the need for all organisations—regardless of their sector—to maintain vigilance and prepare to defend themselves against the later cyber threats.
Staying prepared in the age of cyberattacks
In 2023, Grant Thornton Ireland polled more than 221 professionals across a variety of industries at a cybersecurity and AI risk event. They found that more than half of the Irish businesses (59.2%) experienced a cyberattack in the past year. Furthermore, nearly 20% did not have cybersecurity policies in place. The survey also found that a third of attendees had not received a cybersecurity training in the past 12 months.
Despite the drastic increase in the volume of cyberattacks and types of cyberthreats over the past five years, many organisations remain vulnerable. In Grant Thornton’s International Business Report, less than half of Irish businesses reported being ‘very prepared’ for a cyberattack. While there is an acute awareness of the increasing risk of cyber-attacks in Ireland and internationally, many organisations lack robust controls and mitigation plans—the absence of which can be devastating for an organisation.
Moreover, the rise of AI and advent of innovative technologies require a refocus of efforts to protect against cyber threats. The role of these technologies in business operations is increasing. At the same time, cybercriminals are becoming increasingly clever. To protect themselves, organisations must implement a robust cybersecurity programme that evolves alongside these changes. It cannot remain static; the age of cyberattacks has only just begun.
Organisations can help enhance their cybersecurity controls and protect themselves from emerging steps by taking the following steps:
- Determine your organisation’s vulnerability. Assess your I.T. systems flaws. Test the susceptibility of your people to cyber-attacks.
- Put the basics in place to protect yourself. Use industry standards such as ISO 27001 to guide your implementation of policies and controls to manage cyber risks, including strong access control, security awareness training and managing the security of your supply chains.
- Proactively monitor your systems for suspicious activity and have plans in place to respond effectively when you find it.
- Be prepared to respond. Consider how you would recover in the event of a successful cyber-attack. Often recovering cyber-attacks attack is more difficult than anticipated them.
While there is a cost to building these programmes and protections, the cost of not building is much greater. The question is no longer if an organisation will be attacked, but when.
Cyber criminals are always on the lookout for opportunities, seeking to take advantage of outdated and vulnerable systems. As the attack on Fota Wildlife Park shows, no organisation—not even a peaceful charity dedicated to preserving nature—is safe.
How Grant Thornton can help
Now, more than ever, organisations need the cyber capability to defend against the latest threats. At the same time, they must remain compliant with complicated and rapidly evolving regulations. We pride ourselves on developing bespoke, pragmatic solutions to help organisations of all sizes build their cyber defenses and thrive in an increasingly digital world.
We can support organisations in assessing their cyber risk, developing a cyber strategy, maintaining regulatory compliance, building their cyber security programmes and responding in the event of a cyber-attack.
Contact us
Learn more about how our Cyber Security solutions can help you
