Cyber attack here poses ‘immediate’ EU threat
A cyber attack on a tech giant based in Ireland could have an “immediate” impact across the EU and even globally, according to the State’s new cyber strategy.
This creates “elevated” security and economic risk for Ireland — meaning securing information networks and systems is “crucial” for the country’s continued economic development.
The National Cyber Security Strategy 2019-2014 said six out of 10 Irish organisations reported being hit by cyber crime in the last two years, at a loss of over €3m.
Under the plan, Ireland’s electoral system will be brought into the country’s designated Critical National Infrastructure, covering areas like voter registration and regulating online political advertising.
The National Cyber Security Centre (NCSC), which leads policy and operations, will “receive” sanction for resourcing and staffing for expansion by the second quarter (April-June) of 2021 — but the strategy does not provide any details on current or planned resourcing and staffing.
Communications Minister Richard Bruton said Ireland needs to take “robust” measures to protect its national infrastructure.
“Cyber attacks, cyber crime, and identity theft can wreak havoc in this connected world,” he said.
The strategy states that, according to some estimates, Ireland is home to over 30% of all EU data, as well as being the EU headquarters of many of the world’s largest technology companies.
“Our economic success is therefore closely bound up with our ongoing ability to provide a secure environment for these companies to operate here,” it states.
“The security of our network and information systems is therefore crucial for the continued economic and social development of Irish society.
In many cases, rather than being passive repositories of data, these centres are now home to live operational software environments; an outage or incident affecting one of those facilities could therefore have immediate disruptive effects on infrastructure or business across the EU or globally.
The strategy says there is a “high-stakes technological arms race” between those attacking and defending information systems.
It says the computer security incident response teams within the NCSC had been “very significantly developed” since 2015 and now constitute “an expert unit with significant capacity”, assisted by the Defence Forces and gardaí.
It says the Defence Forces continue to play a “central role” in facilitating operations of the NCSC, and that State-sponsored security and military organisations are targeting the IT systems of governments, financial services, and technology companies — and that they pose a “particular challenge”.
Under the strategy, a public awareness campaign on cyber security and cyber crime prevention will run in the first quarter of 2021.
