The threat of a direct cyber attack against the Irish state remains low despite the war Ukraine, an Oireachtas committee has heard.
But the committee was told that the type of ransomware attack, carried out by cyber criminals against the HSE last year, continues to be “high”.
Richard Browne, director of the National Cyber Crime Security Centre, told politicians on Wednesday that while the threat from cyber crime against the state is “high”, there has been no change to the “rate or seriousness of these types of incident since the onset of war”.
But he said that his officials believe that danger of what he called a “destructive” cyber attack conducted directly against the state or state agencies is “low”.
Mr Browne said: “The NCSC assessment is that there is no evident intent by any party to launch attacks against the State.
“Similarly, there is no evidence of this type of activity being launched against other EU States either.”
However, he said that there is a “moderate” risk of an attack targeting a European or worldwide service that could have a knock-on impact on Ireland.
In an appearance before the Oireachtas Transport and Communications Committee, the cyber security chief said that the country faces a “persistent, active and serious threat of cyber espionage against both public and private entities” – but said that such a warning was not influenced by the Russian invasion of Ukraine.
Watch LIVE as the Joint Committee on Transport and Communications meets for a Discussion on cybersecurity and possible hybrid threats following the Russian invasion of Ukraine with @CyberSaintHQ & @wardsolutions #seeforyourselfhttps://t.co/OM4LMB9ODv https://t.co/HRywCw3cMb
— Houses of the Oireachtas – Tithe an Oireachtais (@OireachtasNews) March 30, 2022
However, he warned: “This analysis may change, and change quickly.”
He said: “The NCSC has been operating at a heightened state of preparedness since late last year response to the tensions in Eastern Europe.
“We have contingency plans in place, in case of escalation of malicious cyber activity impacting on Irish networks and services.”
He also pledged that the staff numbers in the NCSC will rise to 70 by 2024, up from around 30 currently.
Mr Browne said Ukraine had long been a victim of cyber attacks.
He added: “It is clear that the Russian State possesses and is willing to use very advanced offensive cyber security capabilities, and sought to deploy at least some of these in the run up to and during its most recent invasion of Ukrainian territory.”
The effect so far, he said, has only been “minimal”.
However, he did not underplay the potential threats arriving from the war.
“The world is watching and waiting for any kind of activity to come out of that region.”
“Is the state ready to deal with a serious cyber security threat? Yes,” Mr Browne told TDs and senators.
He urged politicians and the public alike not to see all or any cyber crime as backed by Russia or any other hostile state.
Calling for a “balanced perspective”, he warned against “paranoia”.
He said it was vital not to “call everything a wolf. Because one day a wolf will come and no-one will believe you”.
He also said that the centre will be moving to “Nato security spec” site next year.
Mr Browne was repeatedly quizzed about the hierarchy and relationship between the National Cyber Crime Security Centre, the Garda and the Department of Defence.
Committee chair Kieran O’Donnell revealed that An Garda Siochana and the Department of Defence had declined to send representatives to the committee, citing the responsibility of the National Cyber Crime Security Centre.
Mr Browne said his staff co-operated regularly with the Defence Forces and gardaí, but worked collectively through the National Security Analysis Centre in the Department of the Taoiseach.
He said that his centre does not play a role in prosecuting anyone.
“Our concern is understanding exactly what the incident is.
“If there is a national security element, that goes through the normal channels.”
Asked about the advice provided to parliamentarians and ministers, Mr Browne was clear that the Oireachtas was a target.
“Parliaments in general are targets of cybersecurity incidents.”
He said that that National Cyber Crime Security Centre did provide advice and guidance to politicians, with hopes to give more direct advice in the near future.
“We have sought to do that for quite a while. We will be doing that,” he told the committee.
Mr Browne was also questioned about the serious ransomware attack on the HSE last year, as well as a more recent reported attack on the Rehab Group charity.
The ransomware attack on the HSE, which occurred in May, caused major disruption to the Irish health service, leading to mass cancellations of appointments and surgeries.
“The incident is resolved,” he said.
“This is an extremely serious example of what can go wrong.”
He said it was a “preventable” incident.
Cork TD James O’Connor also challenged the national director on his suggestion that State agencies and entities are ultimately responsible for their own security risks.
“If that’s the case, your role is pointless,” the Fianna Fáil TD said.
“We can give them support and assistance which we do, but ultimately, because they own the system, they have to own the risk,” Dr Browne responded.
“The way we do cyber security is the way Europe as a whole does cyber security.”