When the Ireland/Northern Ireland cross-border body, the Special EU Programmes Body (SEUPB) fell victim to a malicious cyber attack, PwC stepped in to support. With over half a billion euros of EU funding at stake, the team worked tirelessly to help the organisation contain the attack, recover data and improve resilience against future threats.
At 2am on a Sunday morning in July 2020, Gina McIntyre got the text that every CEO dreads. Her organisation - a public body which manages over half a billion euros of EU funding - had been hacked.
Gina runs the Special EU Programmes Body (SEUPB), a cross-border body that was established under the Good Friday Agreement. It works with the Northern Ireland Assembly and the Government of Ireland and is responsible for EU funding programmes which help to support the peace process on the ground.
During the pandemic cyber attacks soared, impacting almost every sector from education to health to manufacturing. Cyber criminals hid behind Covid-themed phishing emails, abused insecure home-internet systems, created malicious websites containing keywords such as Coronavirus and increased the deployment of data-harvesting malware.
One of the attacks happened to the SEUPB.
Recognising that everything cannot be a priority, the PwC team asked Gina and her leadership team, "What is going to keep you awake at night?". As the SEUPB’s system had been hacked, the entire server needed to be rebuilt - nothing could be trusted. The team was in no doubt about the magnitude of the task but it was an essential move to begin to take back control.
Our cybersecurity experts approached the challenge holistically, considering potential areas of concern in other departments. This way they were able to address a variety of issues and reassure the client.
The team’s experience ensured potential hazards were avoided as the initial attack can create future vulnerabilities. As the SEUPB’s core objective is to manage funding, the organisation considered making manual payments if necessary. But our team has seen a number of cyber attack which trick finance teams into updating bank details to fraudulent accounts and immediately flashed a warning to avoid doing this.
And as we worked through the order list of priorities, we were able to help Gina provide clear directions to her staff who in turn could communicate with their suppliers, key clients and stakeholders. This ensured the response team was not overloaded.
“Businesses face a very real challenge: cyber attack are a fact of life and the sooner we accept that, the safer and better prepared we can be. I could not have asked for better support from PwC when we needed it. We were able to respond very quickly; have learnt important lessons and come out stronger as a result. We must all continue to remain vigilant and up-to-date with tactics that are being used today.”
It took five weeks from the attack to be fully operational again, but the SEUPB came back stronger and it has a new EU Programme to deliver - PEACE PLUS worth €1.1bn. However, the team have learnt valuable lessons about how to be more secure in IT, but also from the business management perspective. It is only when you experience a crisis like this that you really understand what a contingency plan needs to include and how to manage the often-overlooked psychological impact of a cyber attack.
Gina is committed to helping others understand the impact of a cyber attack and shares her experience to highlight the value of cyber-security at events like Digital DNA in Belfast and with the Chief Executives’ Forum.