THERE HAVE BEEN lots of cyber attacks on Government departments over the years, many of which have not made it into the public domain.
Communications Minister Denis Naughten told TheJournal.ie that many of these attacks have not made it on to the public airwaves, but they occur quite frequently.
There have been attacks in the past, they are quite frequent. Some of them hit the public airwaves, many more don’t. They come from various different sources across the globe and this is something we have to be continually vigilant on. Tomorrow there could be another attack – it could be far more devastating than one to date… we just don’t know. It is something we are trying to keep ahead, it is very difficult to keep ahead of it the way technology is changing…
According to a department source, there’s been ‘a lot of background work’ going into cyber security measures across all state websites, but the details of what exactly has been done can’t be made public.
It’s feared that the more information that’s given about the State’s cyber security systems, the more prone they’ll be to an attack.
Cyber attack ‘could cripple us’
Last month, Labour’s Brendan Howlin told the Dáil that a cyber security attack on any of the Irish authorities’ systems “could cripple us”.
“Over the years, all of our Government Departments have been subject to cyber attacks, some of which did not go into the public domain. It could have been absolutely crippling if, for example, the Department of Social Protection was shut down by a cyber attack. It would be hugely disabling for us,” said Howlin.
Taoiseach Enda Kenny agreed with Howlin at the time, stating that it is a concern.
“We now have such an enormous investment in digitisation in so many companies around the country. This is an issue that needs to be looked at,” he said.
Ransomware attack
The ’WannaCry2′ ransomware attack hit more than 200,000 victims over the weekend, striking banks, hospitals and government agencies in more than 150 countries.
It caused widespread disruption to the National Health Service (NHS) in the UK, but the HSE’s system rebuffed the attack.
However, in order to be vigilant, staff were instructed not to log in to their computers yesterday morning.
Ten years imprisonment for cyber crime
New legislation aimed at protecting information systems from cyber attacks was discussed by politicians in the Seanad last month.
The Criminal Justice (Offence Relating to Information Systems) Bill 2016 is the first piece of Irish legislation dedicated solely to dealing with cyber crime.
It makes it an offence to engage in cyber crime activity and provides strong penalties for those found guilty of offences, including up to ten years imprisonment if the crime is sufficiently serious.
The Bill gives effect to provisions of an EU directive on cyber security.
A key aim of the directive, in addition to criminalising offences relating to cyber attacks, is to improve co-operation with and between the European authorities, including the police and other law enforcement services such as Europol and the European Cybercrime Centre.
“As technology advances and new forms of crime evolve, our legislative frameworks must also develop to counter these threats. Cyber crime activities come in many different forms and broadly involve criminal attacks on information systems and infrastructures themselves or on their associated data,” said the Minister of State at the Department of Justice and Equality, David Stanton.
He said data is an increasingly valuable commodity and criminal gangs are aware of this and perpetrate large-scale pervasive attacks.
“It is these crimes which cause the greatest impact economically in Ireland and around the globe. It has been estimated the cost of cyber crime to the Irish economy is €630 million per annum. Grant Thornton, the consultants who carried out this analysis, discovered the cost of traditional crimes, such as welfare and tax fraud, moving into the online environment is a significant threat to the Irish economy,” said the minister.
“Cybercrime is an international worldwide problem. It knows or respects no borders,” he added.
Cybercrime units in Europe
Member states are required to have an operational national point of contact on cybercrime, which should be available 24 hours a day seven days a week.
The designated national contact point for Ireland is the Garda computer crime investigation unit, however some politicians have been critical about the resources the gardaí have to deal with such issues.
Speaking to TheJournal.ie, Fianna Fáil Senator Gerry Horkan said he welcomed the new legislation, particularly as there are so many high-tech and Internet-based companies in Ireland.
However, he is also critical that the gardaí are not fully resourced to enforce new laws on cybercrime.
Horkan said it is concerning that the number of gardaí working in the area of cybercrime fell in 2016.
Late last year, figures provided to Fianna Fáil through a parliamentary question showed that only 29 gardaí were tasked with policing cybercrime, despite the number of cyber-attacks doubling.
The number of gardaí working to tackle this growing threat declined in the past two years despite an increasing number of cyber-attacks in Ireland. Cybercrime is a real and growing threat to individuals and businesses.
Garda cybercrime unit
The minister said there are proposals to reconfigure the Garda computer crime unit into the Garda cybercrime unit.
Stanton said there should not be a focus on the number of people working in the unit, but the high level of their training.
“It strikes me that what will be involved are people who will really be on top of their game and really specialist people, not the number of people, as has been said, but people who really are specialised in these areas. The Garda has built up considerable expertise in this area. The former head of the unit heads up the European cybercrime unit,” explained Stanton.
While the creation of a dedicated unit is a welcome, said Horkan, he believes it will be unable to make substantive progress unless it has sufficient and skilled personnel.
The increase in the number of gardaí secured by Fianna Fáil in the confidence and supply agreement must be used in part to help deal with this rising threat, said Horkan.
Sinn Féin Senator Niall Ó Donnghaile said while this Bill is to be welcomed, he pointed out there is little point in introducing more legislation and giving the Garda extra powers if they do not have the resources to actually investigate any breaches of the new law.
It is not just about the correct training, which is important in terms of capacity building within the Garda , but we also need to resource the Garda to meet the demands that are out there as a result of this criminal activity.
Horkan said the responsibility lies with the State to ensure we are on top of any potential threats that might come our way.
With additional reporting by Gráinne Ní Aodha
To embed this post, copy the code below on your site
have your say