The rapidly evolving cyberthreat landscape, underpinned by the unprecedented speed and sophistication of bad actors, means Ireland is increasingly vulnerable when it comes to dealing with a potential attack. The HSE ransomware attack of 2021 may be fading into memory but not for those tasked to deal with the fallout, which was devastating and far reaching.
The recently published National Cyber Emergency Plan, the first of its kind, aims to provide a blueprint for managing such large-scale attacks and for co-ordinating a national response. Its authors admit that it will be used “more and more” in the coming two years as the threat level continues to rise.
Experts say organisations are far from powerless when it comes to defending themselves against potential attacks but at the same time admit that the goalposts keep shifting as they come up against increasingly well-resourced attackers. Jan Carroll, founder of Fortify Institute, provides cybersecurity training and scholarships for cyber professionals and SMEs. She says that in 2024 the cyberthreat landscape is “more complex and aggressive” than ever.
“The latest reports highlight a significant increase in cyberattacks across the EU, driven by geopolitical tensions and the increasing sophistication of cybercriminals,” she tells The Irish Times.
‘A gas emergency would quickly turn into an electricity emergency. It is low-risk, but high-consequence’
The secret to cooking a delicious, fuss free Christmas turkey? You just need a little help
How LEO Digital for Business is helping to boost small business competitiveness
‘I have to believe that this situation is not forever’: stress mounts in homeless parents and children living in claustrophobic one-room accommodation
Attacks now manifest in a growing number of guises. Ransomware, where there is an attempt to extort the victim, remains a predominant threat, targeting a wide range of sectors. Social engineering attacks, particularly “phishing” in the form of scam emails and texts, exploiting human vulnerabilities, are increasingly prevalent. Carroll also notes that supply chain attacks have become more sophisticated, often involving multiple stages and targeting both suppliers and customers.
The advanced tactics and techniques of cybercriminals are as impressive as they are destructive. Carroll says organised crime gangs are professionalising their operations, offering ransomware-as-a-service and other illicit services, while nation-state-backed hackers continue to target critical infrastructure and sensitive data, often driven by geopolitical motives.
“So-called ‘hacktivists’ have also become more active, using cyberattacks to further their political or social agendas,” she adds.
A notable trend, Carroll says, is the misuse of legitimate tools by threat actors to prolong their cyber espionage operations and evade detection: “Additionally, there is a growing use of artificial intelligence (AI) in cyberattacks, making them more effective and harder to detect.”
According to Puneet Kukreja, head of cyber, EY Ireland, the cyberthreat landscape is now indelibly marked by the accelerated use of AI-enabled technologies, including deepfake techniques.
“Phishing and social engineering attacks have been greatly enhanced by AI, which is used to craft highly convincing messages and deepfake content, tricking individuals and organisations into divulging sensitive information,” he explains.
“Additionally, supply chain attacks are on the rise, as attackers exploit AI tools to identify and breach vulnerabilities in third-party vendors more efficiently, gaining access to larger networks and sensitive data. These will accelerate as large language models become widely available and easily accessible for perpetrators and cyber criminals.”
Yet the power of AI is also being harnessed when it comes to cyberdefence, Kukreja adds.
He also points to the impact of geopolitical tensions, leading to a rise in hacktivism that has resulted in increased data theft, cloud breaches and malware-free cyberattacks globally.
“The US and EU have adopted ‘de-risking’ strategies to lessen their dependence on Chinese technology, deepening East-West tech divisions,” he notes.
Some good news is that awareness of cyberthreats is at all-time high levels. Pat Moran, leader of the cybersecurity practice at PwC Ireland, points out that PwC’s 2024 Irish CEO survey revealed that “90 per cent of Irish respondents believe their organisation is exposed to cyber risks”.
But this may be because many have already experienced such an attack: PwC’s 2024 Digital Trust survey revealed that the proportion of businesses around the world that have experienced a data breach of more than €1 million has increased by a third in 2023 compared to 2022 – from 27 per cent to 36 per cent. “We see this trend continuing,” says Moran.
“It’s not hard to see why cyber continues to move up the corporate agenda,” notes his colleague Leonard McAuliffe, partner in the cybersecurity practice at PwC Ireland.
“The cost of cyber breaches goes much further than direct financial costs,” he says. “For example, aside from pure financial loss, the range of harm organisations have experienced due to a cyber breach or data privacy incident over the last few years include loss of customers, loss of customer data and reputational or brand damage.”
According to Carroll, no organisation is “too big or too small” to address cyber threats: “Micro SMEs, in particular, are highly vulnerable due to a lack of awareness and resources to tackle the issue.”
Agility is key – organisations must continuously adapt their defences to keep up with evolving cyberthreats, she adds.
“The traditional approach of static defences is no longer sufficient. Instead, a dynamic and proactive cybersecurity strategy is essential,” says Carroll.
This involves regularly updating and testing incident response plans, continuously monitoring for threats, and implementing effective access controls.
Preparing for cyber incidents is about when, not if, they occur. “This includes developing and testing incident response plans, ensuring everyone knows their roles during an incident and staying ahead of potential threats through proactive monitoring,” says Carroll. “Regular training and awareness programmes are key to equipping staff with the knowledge to handle evolving threats.”
Awareness is one thing but investment is another. Cyber budgets in 2024 in Ireland are set to increase, but not at the same pace as elsewhere. The PwC Digital Trust survey found that while almost seven out of 10 (69 per cent) Irish respondents said they would be increasing their organisation’s cyber budget in the year ahead, this lags behind their global peers, of which 80 per cent are set to invest more in cybersecurity.
Preparedness, cyber resilience and a heightened sense of the very real risks will go some way to protecting Irish organisations from the worst impact of inevitable attacks, Carroll says: “Preparing for cyber incidents through comprehensive strategies and continuous awareness ensures that we can respond and recover swiftly, minimising the impact on operations and society.”