Ireland to join Nato cyberintelligence sharing agency

Department of Communications denies move is a step towards full Nato membership

Experts believe Ireland is particularly vulnerable to international cyber attacks due to the concentration of international technology firms here and the ‘thinly resourced’ cybersecurity infrastructure. Photograph: iStock

Experts believe Ireland is particularly vulnerable to international cyber attacks due to the concentration of international technology firms here and the ‘thinly resourced’ cybersecurity infrastructure. Photograph: iStock

 

Ireland has applied to join a cyberintelligence sharing organisation run by the North Atlantic Treaty Organisation (Nato) in the face of increasing online attacks on Irish businesses and key infrastructure.

The Nato Cooperative Cyber Defence Centre of Excellence (CCDCOE) is a military organisation based in Tallinn, Estonia, designed to increase co-operation and intelligence-sharing among Nato members and allies.

The centre was set up in the face of increasing cyber threats from Russia, China and individual hackers. Ireland is the fourth non-Nato country to apply to join the CCDCOE since it was established in 2008.

However, the Irish Government denies the move is a step towards becoming a full Nato member and says it will not place Ireland in the organisation’s military command structure.

“While formally a recognised Nato Centre of Excellence, the CCDCOE does not fall within the Nato military command or force structure,” said a spokesman for the Department of Communications.

“The centre is staffed and financed by its participating member states, which include both Nato members and non-Nato members including Austria, Finland and Sweden, who are ‘contributing participants’, the same status as Ireland will have.”

Ireland’s Ambassador to Estonia, Frances Kiernan, submitted a letter to the commander of CCDCOE last week outlining its intention to seek membership. It is expected the application will be granted.

Initiatives

Ireland already takes part in various Nato-led exercises and initiatives under the Partnership for Peace umbrella (PfP). The PfP programme aims to increase co-operation between Nato and non-Nato allies.

“While Ireland plays a full role in EU and other international organisations with regard to cybersecurity, there are limited opportunities for Ireland to access international best practice in terms of information on operational cyber security matters,” the department said.

“The primary benefits to the State from joining CCDCOE are access to training material and courses, and access to information on best practice and threat intelligence.”

The CCDCOE is seen as a bulwark against the increasing cyber-attacks on western countries. It was set up in Estonia in 2007 following attacks on that country’s election system by Russia the previous year.

Last year Ireland took part in a CCDCOE-led exercise in Tallinn which simulated a cyber-attack on a fictional small country at election time.

Experts believe Ireland is particularly vulnerable to international cyber attacks due to the concentration of international technology firms here and the “thinly resourced” cyber security infrastructure, said Edward Burke, assistant professor in international relations in Nottingham University.

“There has been an uptick globally in attacks but on Ireland in particular. We are vulnerable and we don’t necessarily have the infrastructure to do deal with it.”

He said membership of the Nato centre will allow Ireland to tap in to international intelligence and best practice on cyber-threats and apply them to Irish situations. “It’s incredibly useful for Ireland to be in that conversation.”

Military obligations

Mr Burke said he doesn’t believe CCDCOE membership brings Ireland a step closer to full Nato membership and the accompanying military obligations.

“It’s not that Ireland is necessarily moving towards joining Nato. It’s that Ireland sees an increased threat and is relying on the tools that it has. And the two most important tools are the EU and Nato PfP.”

Incidents of cyber attacks have increased substantially in recent years, according to a 2018 study from PwC. Sixty-one per cent of business surveyed reported being the victim of cyber crime, double the rate in other countries.

In 2017, an attempted cyberattack, bearing the hallmarks of Russian hackers, was launched on the ESB.

Ireland will be represented at the CCDCOE by a member of the Defence Forces Communications and Information Services Corps. They will report back to the National Cyber Security Centre based in UCD.

The department said Ireland will contribute €22,000 to the costs of the centre, which will come from the department’s budget.