Irish Examiner view: Cyber threat must not be underestimated

Attack during pandemic sinister in the extreme

Sun, 16 May, 2021 - 08:12

In recent days, Kerry fintech company Taxamoc was acquired in a €165.5m deal by Vertex, a company based in Pennsylvania. Founded and led 10 years ago by John McCarthy, a son of Fexco founder Brian McCarthy, Taxamoc’s technology facilitates e-commerce entities that need to automate compliance and commerce across cross-border transactions from merchant to seller to payer and revenue authority.

In the very simplest terms, Taxamoc technology delivers payments securely. That monetising of reassurance is also the foundation stone, or at least one of them, for the empire being built by Patrick and John Collison from the Tipperary side of the Shannon. Stripe is valued at €95bn. Again and in very sweeping terms, Taxamoc and Stripe ride shotgun on payments that, unless protected, would be susceptible to today’s relentless cyber piracy.

The potency of that piracy was shown yesterday, when health service IT systems were shut down after what was described as “possibly the most significant cybercrime attack on the Irish State” ever.

At the best of times, such an attack would be an assault on the stability of this Republic, but that it was launched as our health service grapples with an uncontrolled pandemic moves it to an entirely different, more sinister plane.

Official sources suggest the attempted tech coup was carried out by international criminals hoping to extort money, with a ransom demanded, it was revealed last night. The HSE insists it won’t pay any ransom, saying it has secure backups “for all the big stuff”.

Just as small or medium-sized countries struggle to regulate the ever-more-powerful data empires shaping social media — can anyone? — a tiny country like this is hardly, by itself, able to outgun the cyber pirates, who recognise and exploit this vulnerability. This is surely the kind of event made to show the value and comfort of EU solidarity. In an ideal world, an immediate EU investigation would identify the source of the attack and give the host country (or countries) a choice: close the operation down permanently or face real and lasting economic sanctions.

That would be the ideal situation, but we are still responsible for the tech security of this society’s essential services, including health, energy, water supply, banking and transport. As yesterday’s attack showed, and as uncertainty about its impact and duration continue, it is all too obvious that we need to better match threat and defences.

We, just like Taxamoc and Stripe, need to find a way and the resources to repel these invaders.

No Covid figures to be published as disruption continues from major ransomware attack

People of a certain age, all born long before a cyber attack was even imagined, will remember, with some embarrassment, the educational programmes advising us to hide under a table in the event of a nuclear attack. That advice has not aged well and, thankfully, that theory was never put to the test as our tech security was yesterday and may be for days to come. It would not be an exaggeration to regard yesterday’s attack as a contemporary version of a nuclear threat. We should regard it as such and act accordingly.