The State should consider creating the capacity to ‘counterstrike’ against hackers who attack computer systems with ransomware, Dundalk TD Ruairí Ó Murchú has said.
The Sinn Féin TD was speaking after a number of meetings of the Joint Oireachtas Committee on Transport and Communications which heard from a number of cybersecurity experts about strategies to deal with hack attacks in future.
One expert, Pat Larkin, CEO of Ward Solutions, said the best defence was to have the ability to counterstrike against the hackers.
Deputy Ó Murchú said the State has to look at this idea and consider creating the ability to ‘hack the hackers’.
The Louth TD, along with his committee colleague, Darren O’Rourke TD, also called for the state’s cyber security apparatus to be established on a statutory footing and for the appropriate funding and resourcing to be allocated to it.
The ransomware attack on the HSE has had a devastating impact on the provision of health services across Ireland, Deputy Ó Murchú said, with ‘expert after expert telling the committee the State’s cyber security systems are under-resourced’.
The current annual budget of the National Cyber Security Centre (NCSC) needs to be boosted from €5 million to €50 million, according to expert testimony.
He said: ‘From the comments of expert witnesses, it is clear that a much wider focus on the structure, governance, funding and resourcing of cyber security is now needed. The ongoing review of the National Cyber Security Centre will help inform this.
‘There has been a more than 300% increase in cyber attacks on systems over the last year. Experts at the committee have said they were previously dealing with one attack a week on average, which has increased to one a day now, according to Minister Ossian Smyth.
‘We heard evidence at the Oireachtas Committee that the NCSC is not on a statutory footing. This needs to be addressed immediately.
‘New legislation is needed to underpin the state’s cyber security capabilities. They have to be creative and innovative when coming up with solutions and that includes thinking about counterstriking capacity.
‘A vulnerability assessment of other vital IT systems, such as the electricity grid and banking services, currently underway, needs to be prioritised, to identify any weaknesses that might exist in these essential areas’.
