Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

€2 a Month €5 a Month One-off amount
Dr Richard Browne, NCSC Oireachtas
National Security

Cyber chief: Ireland working closely with NATO cyber experts to counter online threat

Dr Richard Browne of the National Cyber Security Centre was speaking at the Joint Committee on Foreign Affairs and Defence earlier today.
6.34pm, 23 May 2023
7.6k
17

IRELAND’S CYBER SECURITY chief has said that the State is working closely with NATO national security experts and projects to counter hybrid warfare threats. 

Dr Richard Browne of the National Cyber Security Centre (NCSC) was speaking at the Joint Committee on Foreign Affairs and Defence earlier today. 

Browne said that the NCSC is directly involved with the NATO alliance’s Malware Information Sharing Platform which is combatting attacks such as the HSE cyber incident. 

The body is also involved in working closely with the NATO Cooperative Cyber Defence Centre of Excellence based in Tallin in Estonia as well as a hybrid threat project.  

“We have full access to the NATO project and malware information sharing platform. We also have access to a number of others.

“Of course, it’s very important to say we don’t know what we don’t have access to. And we can only assume that as a non member there are aspects of the data infrastructure that we don’t have access to. That’s that’s just the way it goes.

“Right now I can confirm we do have very significant access to real world threat and risk information sharing with partners across NATO,” he said. 

Browne told the committee, in response to questions from Fianna Fáil deputy James Lawless, that many of the national organisations they are in touch with, through NATO, are also EU member states.

He also explained that while NATO posessesses a national cyber security response capability the European Union does not.

“It is important to point out the EU does not have an operational cybersecurity rolling EU does not deal with national security issues in cyberspace and NATO does, which is why are having access to those feeds and it is really really important because that allows us to deal with the full spectrum of cybersecurity issues,” he added.

The NCSC head also said that Ireland has close ties with Ukraine’s cyber security response and they are using that to inform them of the types of threats and hybrid warfare risks. 

But he cautioned that the Russian cyber attacks have not been as beneficial to Vladimir Putin’s forces as thought by some commentators. 

“There are three primary reasons for this. The first of these relates to an innate characteristic of cyber as a means of force projection; it is simply less effective as a destructive tool than many commentators have allowed for in recent years.

“The second reason is that the Ukrainians were ready; ready because they had endured years of similar offensive actions and ready because they expected an attack.

“They have taken and continues to take very significant measures to protect themselves from the consequences of these activities. Lastly, the Ukrainians have also benefited from massive external support from public and private sector organisations on a global basis, including from NCSC,” he explained. 

Ukraine

He said the war in Ukraine has had “notable implications for cyber security in the rest of Europe”.

Browne referenced the ViaSat incident in which Russian hackers breached Ukrainian sattelite communications systems. 

He said there is a broader issue of civilian hackers being used to target European and Irish infrastructure. 

“There has also been an ongoing and persistent series of so called ‘hacktivist’ attacks which have extended over the vast majority of EU Member States including Ireland.

“These attacks have primarily been distributed denial of service, or ‘DDOS’, attacks and have caused little to no disruption to services.

“They do however indicate the existence of an organised campaign to harass service providers in Europe, and a willingness to at least tacitly threaten further action against European infrastructure operators,” he explained. 

‘Active measures’

He said the greatest hybrid threat at present is the Russian model of “active measures” which employ “purely civilian means of influencing, compromising, pressurizing democratic governments”.

Browne told the committee that it was important to look at the hybrid threat across multiple domains. The NCSC chief also said that the Electoral Commission has examined legislation around preventing disinformation. 

Browne said that he is happy with the resourcing levels for the NCSC and said that they are currently increasing its workforce to beyond 60 employees. They are also moving ahead to taking possession of their new headquarters in Beggars Bush, Dublin later in the year.  

He said that the recruitment success is down to a lot of experts from banking cyber security, defence and other services seeking out the NCSC due to an interest in the speific role. They have also go competitive wages. 

Browne also spoke about the perceived threat from Artificial Intelligence.

“This technology has been much heralded, and has seen a vast amount of investment in the last decade. It is not an overstatement to suggest that this is at least the single most important technological development since the internet, and it may well likely turn out to be more important than that,” he said.  

He said that AI applications may cause some issues around the inputting of sensitive data into the system by public servants to generate reports but he believed this was dealt with by individual departments with developed data procedures. 

Browne warned that AI could be used to generate believable scripts for fraud.

He explained that the biggest threat to Irish services, businesses and infrastructure remains ransomware – in which a computer programme is used to lock down computers until a ransom is paid.

The NCSC chief said in regard to ransomware that States were fighting back and that there is some “guarded optimism at this point”.

“Better international cooperation particularly around intercepting these groups revenue, and targeting their core infrastructure, has seen some of the major groups fracture in the last few months. Also it appears that the percentage of victims who were paying ransoms continues to fall, at least partially due to the fact that victims are now more resilient.

“Critically and this cannot be overstated chair, none of these groups despite their capabilities, are unbeatable. Sensible resilience measures can dramatically reduce likelihood of being targeted can reduce the seriousness of the impact if you are targeted, or can make it far easier to recover even if you are hit,” he added. 

Making a difference

A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

For the price of one cup of coffee each week you can make sure we can keep reliable, meaningful news open to everyone regardless of their ability to pay.

Support us Learn More

Author
Niall O'Connor
nialloconnor@thejournal.ie
Send Tip or Correction
Read Next
More Stories
Related Tags
Your Voice
Readers Comments
17
This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
Leave a Comment
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.

    Leave a commentcancel