Search This Blog

Showing posts with label Ireland. Show all posts

NCSC Alerts of Cyber Threats to Ireland's Energy, Telecoms and Transport Sectors

 

One of the UK's leading cyber officials has cautioned of a rising threat to Ireland's cross-border telecoms, energy, and transportation infrastructure while praising the UK's continued close cooperation 

Lindy Cameron, CEO of the National Cyber Security Centre (NCSC), mentioned that the two countries had "shared cyber interests" and a strong bilateral partnership while speaking remotely at an Institute of International and European Affairs (IIEA) event in Dublin. 

This will become increasingly crucial, as per given the potential of increased cyber-threats affecting both Northern Ireland and its southern neighbor.

“Energy security for Northern Ireland is based on gas pipelines and electrical interconnectors to both Great Britain and across the border, including the Single Electricity Market. The energy sector is dependent on operational technology — connected systems that monitor and control automated industrial processes — to function effectively and efficiently,” Cameron explained. 

Cameron noted that it is a real possibility that this reliance on operational technology and the interconnected nature of the energy supply network on the island of Ireland combines to create a potential target for cyber-attacks.

Other probable concerns include a ransomware attack on the rail link between Belfast and Dublin, collectively operated by Northern Ireland Railways and Irish Rail, she noted. 

Cameron cautioned state actors are a constant concern that might exhibit themselves in the telecoms industry – where targets could be compromised to facilitate spying in other sectors as well as sources of consumer and communications data in and of themselves. 

She further added, “Some managed service providers that operate in Northern Ireland provide services both sides of the border. It is, therefore, a realistic possibility that a cyber-attack on a telecoms provider could impact services to both of our countries.” 

“The governments of both UK and Ireland have been clear that they will not tolerate malicious cyber activity, and we have and will publicly call out state-level attacks.” 

These dangers are no longer theoretical: in May, the Irish Health Service was targeted by a very destructive ransomware attack, which Cameron claimed put patients' lives in jeopardy. 

Following the incident, the NCSC collaborated closely with its Irish partners, however, the threat actors themselves handed over the decryption key after a few days as a "public relations move".

Ireland suspected Russian hackers of attacking the health service

 The National Cyber Security Centre of Ireland (NCSC) believes that the attack on the country's  Health Service Executive (HSE)  was most likely carried out by a group that is allegedly based in Russia.

The HSE said on May 14 that its IT systems were shut down after a hacker attack. The country's health ministry later announced that it was also cyberattacked on May 13.

On May 15, the American technology news site Bleeping Computer posted a message from hackers purportedly addressed to the HSE. In it, the attackers claim to have gained access to the HSE network more than two weeks ago. They are demanding a $ 20 million ransom for more than 700 gigabytes of personal data. The Irish authorities refused to pay the ransom.

According to local TV channel RTE, the Irish cybersecurity services believe that the attack was carried out by the Wizard Spider hacker group, which is allegedly based in St. Petersburg. It is reported that local officials have already contacted the Russian authorities. The Russian Ambassador to Ireland Yuri Filatov condemned the cyberattack and offered the government assistance in investigating the case.

The channel also reports that hackers provided the country's authorities with decryption keys, but in messages addressed to HSE employees, the attackers said that if they were not contacted, they would publish or sell personal data.

According to the channel, the attackers could have been pressured by the country or countries where they are based due to the damage done to the health care system in Ireland.

It is reported that the received keys are checked by an IT company hired by the HSE, and experts have reason to believe that the keys are genuine. However, they will not be used until they have passed a full malware scan. According to RTE, this is likely to take several days.

The West has repeatedly accused the Russian Federation of interfering in internal affairs and cyber attacks. Russia has denied all the charges, saying that Western countries have not provided any evidence. Moscow has repeatedly stated that it is ready for a dialogue on cybersecurity.


Irish Health System and 16 U.S. Health and Emergency Networks Hit by Conti Ransomware Gang

 

According to the Federal Bureau of Investigation, the same group of online extortionists responsible for last week's attack on the Irish health system has also targeted at least 16 medical and first-responder networks in the United States in the past year. The FBI said cybercriminals using the malicious software called 'Conti' have attacked law enforcement, emergency medical services, dispatch centers, and municipalities, according to a warning issued by the American Hospital Association on Thursday. 

In May of 2020, the Conti ransomware appeared on the threat landscape. It has some links to other ransomware families. Conti has evolved quickly since its discovery, and it's known for how quickly it encrypts and deploys around a target system. Conti is a “double extortion” ransomware that steals and attempts to reveal data in addition to encrypting it. 

The FBI didn't specify who was targeted in these hacks or whether ransoms were paid, only that these networks "are among more than 400 organizations worldwide victimized by Conti, with over 290 of them based in the United States." The new ransom demands have been as high as $25 million, according to the study. 

On Thursday, Ireland said experts were looking into a decryption tool that had been posted online, which could help activate IT systems that had been crippled by a major ransomware attack on the country's healthcare provider. The government stated that it had not paid any ransom and would not pay any in return for the alleged key. It didn't respond to claims that the gang had threatened to release reams of patient information next week. 

This ransomware attack has prevented access to patient information, forced medical facilities to cancel appointments, and disrupted Covid-19 testing around the country for the past week. Ossian Smyth, Ireland's e-government minister, has described it as "perhaps the most serious cyber crime assault on the Irish state." 

The hackers who took down Ireland's healthcare system are said to be members of "Wizard Spider," a sophisticated cybercrime group based in Russia that has become more involved in the past year. The group has threatened to release medical records unless Ireland pays a $20 million fine.

IT Services Remain Disrupted At Two Colleges Of Ireland After Ransomware Attacks

 

Two IT universities of Ireland the National College of Ireland (NCI) and the Technological University of Dublin have been hit by a cyber attack. 

Recently, both the aforementioned universities have reported ransomware attacks on their system. Currently, the National College of Ireland is working 24 hours to restore its IT services after suffering a massive cyber attack. Consequently, the institution is forced to go with an offline IT system. 

"NCI is currently experiencing a significant disruption to IT services that have impacted a number of college systems, including Moodle, the Library service, and the current students’ MyDetails service," the college reported on Saturday. 

An advisory that has been released by some press institutions said that two third-level institutions that are experiencing cyber-attacks, particularly ransomware attacks – in their regard, there is no definite timeline for when the IT services will be fully restored. 

In the wake of the attack, the two institutions have immediately notified the students, staff, and other employees, about the cyber attacks. Subsequently, NCI’s IT suspended access to the systems and the campus building was also shut down for staff as well as the students until the IT services are fully recovered from the attacks. 

NCI has also notified the important inquiries pertaining to the attack, to the authorities including the national police service of the Republic of Ireland and the Data Protection Commissioner. 

"Please note that all classes, assessments, and induction sessions planned from today Tuesday 6th until this Thursday 8th April inclusive have been postponed and will be rescheduled for a later date," NCI added in a statement issued today. 

"…The College will issue a further update on Thursday afternoon in relation to classes and other events for Friday and beyond. As well as, Students with assignments due this week were told that "no late penalties will be applied while the outage remains in place." 

Meanwhile, students were also told not to access any system of the campus until Monday, April 12. They were also advised to avoid contacting the IT staff that is at present working on restoring attacked IT systems.

Warning! Ireland's National Cyber Security Strategy; Fight Against Cyber-Crime


Ireland is all set to fight cyber-crime with its recently updated “National Cyber Security Strategy” which is way ahead of the last one the nation had.

This security strategy is just a way to meticulously ensure that the Irish netizens fully enjoy their digital rights and contribute to the internet society.

Per sources, the report cites that any minor or major cyber-attack on the multinational titans of the technological world could directly harm the security of data centers of the county.

The nation’s economic as well as political future depends on its cyber-security. The forthcoming Irish elections could be hindered easily if it were left to un-secure cyber-points.

Per reports, Ireland happens to hold more than 28% of the European Union’s data which in turn, in turn, is the headquarters of numerous big-time technology companies across the globe.

Hence, it is of the utmost importance to keep the country’s networks and devices essentially secured and tight against cyber-attack which is the aim of the Irish “National Cyber Security Strategy”.

If any of the prestigious institutions were to be even slightly compromised it would pose a direct threat to the business encompassed within the EU which in turn could lead to an economic disaster.

Ireland has never been too strong in terms of its cyber defense tactics and strategies as proven by the various attacks it has faced over the years.

Allegedly, the Cyber Security Strategy clearly mentions the challenges the Irish government faces especially regarding sensitive information.

Earlier the concepts of cyber-security were restricted to devices and networks that functioned on the internet wherein the targets could have been technology giants or other individuals.

But ever since the diaspora of the cyber-world and the evolution that it’s enjoyed ever since there are more serious matters that need attention like the electoral processes and other legislative tasks that need excessive secure conditions.

Irish military infrastructure, public sector security, the Irish political processes and almost every other thing that requires interconnected networks and devices, are all strong at the mercy of a safe and secure cyber environment.

Therefore it’s imperative for the nation to completely and effusively realize every single part of the strategy to their utmost capacity.