State spending on cybersecurity criticised as ‘paltry’

Taoiseach defends threefold increase to €5.1m in funding of agency this year

 Taoiseach Micheál Martin: insists funding has been “significantly increased” for the National Cyber Security Centre this year. Photograph: Nick Bradshaw

Taoiseach Micheál Martin: insists funding has been “significantly increased” for the National Cyber Security Centre this year. Photograph: Nick Bradshaw

 

The Government has been forced to defend the level of spending on the cybersecurity agency leading the response to the ransomware attacks on the health service.

Taoiseach Micheál Martin and Minister for Communications Eamon Ryan said investment in the National Cyber Security Centre (NCSC) had trebled this year as this year’s funding of €5.1 million was criticised in the Dáil.

Figures compiled by The Irish Times show that such investment amounted to less than €14 million, not including payroll costs, over the past decade.

In the Dáil, Aontú TD Peadar Tóibín described the level of funding for the NCSC as “paltry” in the context of its responsibilities, while Sinn Féin TD David Cullinane said “we took our eye off the ball” on cybersecurity.

Mr Martin insisted funding had been “significantly increased” for the NCSC.

‘Criminal hacking’

Meanwhile, it has been confirmed that Minister for Foreign Affairs Simon Coveney discussed the cyberattack with his Russian counterpart Sergey Lavrov on Monday.

A spokesman for Mr Coveney said the hacking of the health service was briefly discussed on a scheduled call related to UN Security Council business. He added that the “criminal hacking of the health service was strongly criticised by both countries”.

The group which created the Conti ransomware used in the attack is sometimes known as Wizard Spider and is based in Russia. It has been known to license out its ransomware products in return for a share of any profits.

Separately, cybersecurity experts are examining data posted on the internet claiming to be from the Health Service Executive ransomware attack. However, as of now, there is no indication the data came from HSE servers. The data is heavily redacted and does not appear to contain sensitive information.

Data dump

Officials continue to monitor dozens of “data dump” sites for signs of hacked data being posted online. It is thought the cybercriminals may post a sample of the data to show they are in possession of it and are willing to leak it.

Minister for Health Stephen Donnelly told the Dáil that five patient files which have been put up online were “heavily redacted” and it is not yet clear whether they are genuine.

The HSE said restoration of its computer systems would take “many weeks” following last week’s cyberattack.

The complete rebuilding of its computer network could take several months, according to sources. Hospitals and other services have been asked to plan for operating essential services “within contingency arrangements” for the next two weeks.