Donegal is an area in the north-west of Ireland where there is a relatively large percentage of Irish speakers. However, although Irish is one of the two official languages of Ireland (the other one being English), only a minority of residents of Ireland claim to be Irish speakers (94,000 native speakers in 2011). This means that the malware attack is highly targeted at a very small niche group. The fact that the virus used poorly-translated Irish suggests that it was written by hackers who do not themselves speak Irish, and who used an online automatic translation service.
Briony Williams, a security consultant at commissum (http://www.commissum.com), an information security company in Edinburgh, Scotland, commented: “The fact that this virus is targeted at native Irish speakers is an interesting development in the malware field. Native Irish speakers form a small group who are at roughly the same socio-economic level as the rest of the population of Ireland: in other words, they are not an obviously high-income group that would prompt hackers to go to the trouble of targeting them in their own language. Hackers appear to be fragmenting their approach and targeting more specific groups of people rather than using the older scatter-gun approach”.
The virus is difficult for the average consumer to remove, but it can be removed by a computer technician. To date, only one infection has been reported, but a few others may surface in due course. This type of attack (locking the computer and demanding payment, supposedly to unlock the screen), is a long-standing one. However, this is the first time that it has appeared in a minority language in the UK.
Briony Williams of commissum additionally commented: “Since commissum is one of the few cyber-security companies located in Scotland, we will be keeping our eyes open for any malware in Scottish Gaelic that might surface in the future.”