The State has been urged to rapidly develop its electronic security systems to defend Ireland against potentially devastating cyber attacks that could happen in “only a matter of time” .
Dr Cathal Berry, a former Army Ranger Wing commander who is now a Kildare South TD, said action was needed on a commitment in the programme for government to implement a national cyber security strategy.
He said senior people in multinational companies had spoken to him about the threat of cyber attacks and were concerned as “we just don’t seem to have the structures in place to mitigate against the threat”.
By some estimates, Ireland is home to 30 per cent of all EU data given the number of tech companies based in the State.
The Commission for Communications Regulation (ComReg) last year warned that with the ongoing rollout of 5G technology, nation states or groups acting on their behalf pose the biggest threat to cybersecurity, citing an EU cyber security report.
Currently the vast majority of information on national security threats, including threats of cyber attacks, is kept closely guarded by the State’s security services. Even when a major cyber attack occurs, information about them is scant.
A defence policy review provided to the cabinet late last year warned that increased spying by foreign intelligence agencies poses a risk to national security and to foreign direct investment.
The planned Government strategy includes measures aimed at ensuring the State is appropriately prepared for likely future threats, which Dr Berry said should be “front-loaded” into the first year of the Government’s term.
The National Cyber Security Centre (NCSC), the primary State body with responsibility for electronic security, has 24 staff with one extra due to join shortly and an annual budget of €4 million.
Dr Berry said the budget was “peanuts, really” and that the provision of offices for the centre was a “shambles”. He said they “don’t even have a proper office. They’ve been moved around, they’re in different locations”.
“They need an office headquarters where they’re going to be for 30 years and make it work instead of just moving around Dublin,” he said.
In reply to a parliamentary question from the TD, Minister for Communications Eamon Ryan said the centre deals with more than 2,000 cyber "incidents" annually.
The NCSC has been working with 67 operators of essential services to improve their security and formal audits are scheduled to start shortly, he said, adding that a capacity review was underway.
Dr Berry acknowledged that attempts were being made to improve cyber security but said these were “very minimalistic” and capability had to be developed because of the number of tech companies located in the State.
“We’ve seen what a biological virus can do to this country, so we should be prepared to protect ourselves from any electronic or cyber virus which comes in as well which would have a devastating effect,” he said.
Dr Berry said that “we’re becoming more vulnerable now because of remote working and the trend towards working from home”.
But “with very little input” a completely new dimension could be added to the NCSC by having gardaí, Revenue, Department of Communications and Defence Forces’ specialists operating together to offset the risks.
“On a scale of priority it really is an Achilles heel of the country at the moment. It really is a chink in our armour. And with a little bit of focus you could have a disproportionately positive effect.”