Die Hard scenario unlikely but not impossible, says cyber security chief
Cyberattacks are becoming 'messier and more complicated', says National Cyber Security Centre head Richard Browne.
Ireland’s cyber security body will be “getting into people’s faces” a lot more under Government expansion plans and EU legal requirements, the country’s cyber chief has said.
Richard Browne, head of the National Cyber Security Centre (NCSC), said this would apply both to the gangs behind cyberattacks and to companies and agencies that need to beef up their cyber security systems.
The senior intelligence officer said the HSE cyberattack was a “nightmare scenario” but said that health systems across the world are “uniquely vulnerable” from a security point of view.
He said that while such paralysing assaults are very rare, cyberattacks are becoming “messier and more complicated”.
Mr Browne, acting director of the NCSC, said that talk about “cybergeddon”, a type of digital “doomsday scenario” as featured in , is not impossible but is an “extremely low probability event”.
In an interview with the , Mr Browne welcomed the recent Government’s announcement of increased staffing to the NCSC and new legislation.
“We have a number of legislative shortcomings right now which prevent us from doing the things that we need to do,” he said.
He said the Government’s decision committed to a legal instrument for the NCSC, establishing it and giving it formal legal roles and powers, which among other things should overcome restrictions caused by data protection.
He also welcomed an external capacity review of the NCSC, published in September, which the cyber minister Ossian Smyth has said the Government will be implementing.
“The capacity review is very clear that we are fit for purpose on the basis of the limited functions we are doing right now, but it needs to expand significantly to deal with things that are coming," said Mr Browne.
He said forthcoming EU legislation will have major implications for the NCSC in terms of implementing new measures.
“We are seeing a requirement for much more intervention by us into industry, not just hand-holding, but getting into people’s faces and saying ‘these vulnerabilities that you have, they need to be fixed’.”
He said they learned a lot from the HSE cyberattack and that a “much more expanded” operations team is needed.
Mr Browne said cyberattacks are “getting messier and more complicated” and that the enlarged operations team would be dealing with HSE-type “rolling, technologically complicated attacks”.
He said catching the attackers is the next step.
“Underpinning all of this is finding the bad guys, watch what’s happening.
He said some countries, such as the UK, have “extremely expansive means” of overseeing what’s happening, while other countries don’t have such agencies.
“Until you can proactively chase down, you are always going to be responsive, so you have to get out there and into people’s faces,” he said.
He said a Government monitoring platform, called Sensor, needs to be expanded.
“Sensor sits on Government networks and watches for certain types of activity, primarily at APTs [advance persistent threats], serious persistent threats to IT departments,” he said.
“That system needs to expand to cover a lot more of critical infrastructure.”
He said the NCSC also wants to put in its own structure to look at key parts of the internet, something that will also require a legal basis.
“This is not surveilling people, it’s not picking someone’s email,” he said.
“We are looking for signatures associated with known threat actors, so if actor X, who has just attacked somebody in the UK, who is known to everyone in Europe because we have the IOCs [indicators of compromise], we need a means to pick that up.”
CONNECT WITH US TODAY
Be the first to know the latest news and updates
