Seanie Byrne: Focusing on the HSE's cybercrime budget is missing the point
What Ireland needs is an agency like the United States Digital Service: an elite technology unit to provide expert services to government agencies on IT and cybersecurity.
This might be a controversial opinion but the HSE got its funding exactly right with respect to cybersecurity.
In 2013, when I was working on security for cloud-storage company Dropbox, I wrote monthly reports on the emerging ransomware threat.
Back then, cybercriminal groups largely focused on individuals rather than organisations. By 2016, they were targeting companies, hospitals, and government entities.
Cybercriminals would break in and spend days rummaging, looking for data to ransom.
At the time, the majority of the attacks focused on targets in the United States. Thanks to the prevalence of cyber insurance policies, criminals often found it easy to convince American companies to pay up.
A country with a small population, such as Ireland, whose companies probably did not have cyber insurance was a less attractive target.
The Covid-19 pandemic changed everything. Cybercriminals started targeting companies whose security was stretched by employees working remotely.
The pandemic has been a lucrative time for cybercriminal gangs, and they have been emboldened to improve their tools and carry out more attacks against bigger targets.
And if the cybercriminals have access to a so-called “zero-day” bug — a previously unknown flaw in an organisation’s software — it would allow potentially undetectable access to systems, rendering most of its defences useless.
For the HSE, this week's attack will affect patient care and privacy and will have a monetary cost, but systems will be restored and services will survive.
Critics of the HSE have blamed an under-investment in cybersecurity for the breach. The question quickly becomes, how much would have been enough?

The HSE has made investments to improve cybersecurity, with ongoing programs to upgrade its systems. Does the HSE need to be hacker-proof? That's an almost impossible task.
We know the HSE didn’t suffer any major critical cyberattacks until this week. Its security systems have performed well in the past, successfully recovering from a ransomware attack against an agency in Wexford in 2017 and an attack on Tullamore hospital’s IT system in 2018.
Whether it meant to or not, the HSE spent money that could have been used to tighten its IT security on patient welfare.
The HSE could have spent €100m strengthening its security systems but it would have been at the expense of investments into medical equipment, infrastructure, staffing, training, and patient care.
With hindsight, we can see that prioritising clinical care rather than cybersecurity arguably saved lives.
Finding the balance is something that every organisation struggles with. Solving cybersecurity problems costs a huge amount of money and the HSE has a finite budget.
This week's attack represents a change in the Irish cybersecurity landscape. Criminals finally have Ireland in their sights and things may get worse.
Several Government agencies are more vulnerable than the HSE. A major investment is now needed across all Government IT services — we cannot put it off any longer.
There are risks. We could throw good money after bad trying to secure software solutions but what Ireland really needs is an agency like the United States Digital Service: an elite technology unit to provide expert services to government agencies on IT and cybersecurity.
This group would coordinate IT projects and campaigns, own key projects, and largely act as a central body for best practices, ensuring our State agencies don't buy the cyber equivalent of magic beans.
Salaries for attracting talent can be a hurdle but we have a deep bench in Ireland and national pride can be leveraged to get folks to put on the green jersey.
There have been calls for investment into Garda and defence forces' cybercrime budgets but this is a naive approach.
What we need are resilient IT systems. Garda and defence forces, cybercrime units and their EU partners should jointly target payment platforms, forums, and services that cybercriminals use, using diplomatic means to extradite suspects from countries that act as safe havens.
Ireland will hire more cybersecurity professionals and make drastic changes to its IT systems, but before we bolt the doors let's make sure that we don’t lose sight of what we’re protecting, and the cost.






