The head of Ireland’s National Cyber Security Centre, Richard Browne, has issued a serious warning about a significant increase in the risk of cyberattacks within the next couple of years. He asserted that there is a substantial escalation in geopolitical risk at present and these threats have only expanded in recent times.
This week, the NCSC will disclose its first publicly accessible National Cyber Emergency Plan, which will detail the procedures for the declaration, management, and coordination of cyber emergencies. Browne anticipates that the necessity for the plan will likely surge over the next two years – a timeframe the NCSC feels confident about understanding the associated risks.
He explained that the ubiquity of technology can lead to cyber incidents in a myriad of ways, emphasising the need for adaptability and flexibility in tackling whatever comes their way.
The National Cyber Risk Assessment, released the previous year, identifies spying as a chief risk facing the country. Michael McElgunn, the Assistant Garda Commissioner, reported that a small number of countries, including Russia, are suspected of espionage activities in Ireland during the past weekend.
The emergency plan includes three distinct tiers – normal operations, alert phase, and full activation phase. Equivalents of the plan have been formulated and circulated amongst government and state institutions previously but this will be the first public disclosure.
The State has reportedly shifted into a state of alert numerous times, unbeknownst to the public. An instance where full alerts would likely have been employed is the 2021 Health Service Executive cyberattack, if a protocol had been entrenched at the moment. The said protocol has been put into trial twice, focusing on the sectors of energy and transportation, specifically harbour infrastructure. The state is expected to continuously update this plan as part of both EU and Nato drills.
The plan lays out a blueprint for managing a potential cyber crisis, guided by a National Emergency Co-ordination Group. Depending on the exigency of the situation, the full activation of this plan could be enforced earlier than expected. There are also undisclosed parallel procedures encapsulated in the national security apparatus of the State.
Mr Browne cautions that cyber threats are multifaceted, sprouting from multiple sources and affecting various areas. These threats are not restricted to the realm of technology, and can bear implications in the political or trade spheres. He emphasised the escalation in the risk of far-reaching cyber attacks deriving from multiple sources, referring to the precarious geopolitical tensions in Europe as real challenges.
The centre deals with different types of incidents – be it of criminal nature, a threat to national security, or other – routinely. According to Mr Browne, this is in response to the mounting risks and underlines the necessity of their actions.
The plan could be incited by a plethora of threats, ranging from disruption in data accessibility or information systems, sabotage, data or system manipulation, or failure of systems due to technical glitches, natural disasters or human mistakes. To deal with these issues efficiently, the NCSC leverages resources from the EU-wide Cyber Crisis Liaison Organisation, Nato’s information-sharing networks, as well as its domestic supervision activities and intelligence collection.