TO GUARANTEE ITS cyber security, Ireland needs to join the push for action against rogue states.
The ransomware attack carried out in May against the HSE was Ireland’s first taste of mass-scale cyber piracy and the severe infrastructural damage it can visit upon states and their citizens. An emerging global threat, against which few states have invested sufficient resources to defend themselves, cyberattacks have become a tool in the arsenal of many malevolent groups.
For many of us, cyberpiracy conjures visuals of shadowy organised crime groups, hidden in dark rooms filled with bright monitors. However, some of the most malicious hacking and ransomware operations are actually conducted by rogue states. These are the same nations that sit with Ireland at UN Summits and diplomatic events, while simultaneously waging warfare from behind a screen.
Four months on from the HSE attack, the Irish government is said to be exploring a variety of unorthodox methods for rebuilding its cyber infrastructure and bringing the perpetrators of the attack to justice. But there needs to be a clear understanding on the part of the government as to who would carry out such an attack, and why.
Who’s up front on cyber crime?
Generally, the motivations for states to carry out these hacks are threefold. The most common reason for cyber attacks is to gain access to the vast troves of lucrative user data, from phone numbers to sensitive banking information, which we saw with the HSE hack.
Rogue states engage in cyber warfare to gain more broadly from the secrets uncovered through industrial espionage. Lastly, cyberattacks offer a relatively risk-free opportunity to sow political chaos in rival states.
The global poster child for state-sponsored cyber piracy is Russia. From the billions of euros worth of damage done across the globe during its infamous NotPetya ransomware attack in June 2017 to its hacking and leaking operations in US and European elections, Russia’s offensive cyber operations have been a consistent threat over the past two decades.
In the days following the HSE attack, the Russian embassy publicly condemned the hack. The Kremlin even alluded to helping the Irish government apprehend any perpetrators residing within Russia, should Ireland only ask for their assistance.
This has long been Russia’s standard response when its hackers are caught red-handed, yet to date, no concerted international effort has been made to curtail Moscow’s cyber pillaging. Indeed, some experts believe that Russian proxy cyber pirates are better funded and more active today than ever before.
Another nation engaged in state-sponsored hacking is China. In July, Beijing was accused by the US, the EU, NATO, the UK and four other countries of being involved in a massive exploitation of vulnerabilities in Microsoft’s Exchange. This went as far as blaming China’s Ministry of State Security for directly steering the malicious activity. The attack affected about 250,000 organisations worldwide, allowing hackers to siphon off company emails for espionage and the stealing of intellectual property.
Ramped up operations
While Russian- and Chinese-sponsored cyberpiracy operations tend to dominate the headlines, the Islamic Republic of Iran has proved to be an equally insidious operator.
Using only the most basic forms of malware and other cyber technologies, the Iranian regime has proved itself capable of launching costly attacks against US financial infrastructure, robbing tens of millions of dollars from thousands of people. It has also frequently targeted leading Western universities, companies, and government agencies.
Until recently, Iranian cyber attacks were largely directed at US institutions. However, European intelligence experts are now increasingly concerned about the threat posed against Europe by Iranian cyber aggression.
Following large scale attacks against German companies in May 2021, the German Office for the Protection of the Constitution warned that “Iranian cyber actors have significantly raised their technological capacity to carry out cyber operations” adding that they “take it for granted that there is a continued high level of threat against German institutions” from Iranian cyber attacks.
In July 2021, UK intelligence chief Ken McCallum announced that MI5 would be ‘doubling its resources’ for dealing with future cyber espionage campaigns orchestrated by Russia, China and Iran in particular. While the Irish government would no doubt wish within its overall capabilities to follow suit, there are some straightforward steps Ireland and its partners could take that would have a profound impact in reducing the likelihood of future ransomware attacks.
The institutions best set up to deal with these issues are those of global governance and international diplomacy, and never has Ireland been better placed to influence these, especially given its favoured position as a member of the UN Security Council.
Ireland could for instance push for punitive sanctions on states allowing if not actively encouraging cyber piracy emanating from their territory. Russia and China who so often play the innocent could be embarrassed into not opposing such a resolution.
Ireland has 15 months left on the Council: a priceless opportunity to make a signature global policy contribution. Having now felt the sting of cyber piracy, it would be fitting if Ireland were prominent among the countries working finally to bring the rogue states that sponsor this form of malfeasance to justice.
Missing this trick could result in Ireland squandering its best opportunity to secure itself against another attack of potentially even greater proportions than the one against the HSE.
Sir Ivor Roberts a Senior Advisor for UANI, a former British Ambassador to Yugoslavia, Ireland and Italy and the former head of counter-terrorism in the Foreign & Commonwealth Office. United Against Nuclear Iran (UANI) is a nonprofit and non-partisan policy organisation formed to combat the threats posed by the Islamic Republic of Iran.
To embed this post, copy the code below on your site
have your say