In today’s world of constant information overload, sometimes a step back to survey the wider scene is necessary. When this is accompanied by a keen insight from a global expert, the results can be difficult to accept, but significant nonetheless.

On Thursday 28 April, 2022, the CyberExpo returned to provide Irish businesses with a broad assessment of the threat landscape and the current state of Irish cyber security, through a host of experts, practitioners and service providers, to provide intelligence and insights.
The afternoon programme, centred around a national cyber security discussion. Paul C Dwyer set the scene with a presentation entitled “On the internet, everywhere is Ukraine.”

ALL ROADS LEAD TO MOSCOW
That provocative title was carried through in the major themes, as Dwyer carefully and comprehensively demonstrated how Vladimir Putin’s rise to power saw specific developments that resulted in the current state of play. Dwyer demonstrated that Russian cyber threat actors, such as Fancybear, blackenergy, APT28, Unit 74455, and more, are actually under the direct control of Russian state intelligence apparatus, the GRU and the FSB. Being a former KGB officer, which later became the basis of the Russian Federation’s FSB, Putin is accustomed to wielding power through these groups through influence and patronage.

As Russia slid into gangster capitalism in the late 1990s and the 2000s, Dwyer showed how these relationships developed to the point of clientelism. He said around the time of the Chechen war, when criminality was rife, the state and the hackers came to a sort of understanding that fit within the culture of gangster capitalism.

They found that it was easier to tolerate crime than it was to tackle it, he demonstrated. An unspoken cooperation agreement began to emerge between the government and hackers and it worked like the gangster favour system — ‘you do a job for me, and I’ll look the other way as you go about your business’.

These people were protected by a nation state, Dwyer stated, while they carried out crimes against the rest of the world.
“This is what is happening in the fifth domain – cyberspace.”

“People ask me is cyber warfare real,” Dwyer reports. “The reality is that this is going on every day, and genuine, legitimate businesses are getting caught in the crosshairs, including the critical national infrastructure of countries.”

“On the internet, everywhere is Ukraine,” Dwyer reiterated, and “Ireland is on the same battlefield as everywhere else in the rest of the world.”

PUBLIC SERVICES AND OFFICES
In this context, independent Senator, Gerard Craughwell, spoke about the need to formalise intelligence capabilities in the state.

“The National Cybersecurity Centre is located in the Department of the Environment, Climate, Communications and Transport. While I do understand that this is an historical fact, it does say something about the way we think in this country,” said the senator.

Decrying the situation, he urged a more practical alternative. It would be more appropriately placed in Department of Defence, or the Department of Justice, or indeed, to give it the prestige that it requires, it should probably be placed in the Department of the Taoiseach, where it would have direct access to the office of the Taoiseach, the senator argued.

“Uniquely, in developed democracies, the Gardaí are double hatted in this country, there are both the policing and the intelligence service of the state. It is time for this to change,” said the senator. He stated that “it is time we established a national intelligence and security service,” which would be a peer equal to the CIA, MI5,the French DGSI, German FIS, etc.

“We need our own intelligence service,” he stated.

He continued, saying the truth of the matter is that we do not know what our intelligence gathering capability is. “There is no Oireachtas oversight.”

“I believe that our relaxed attitude to security places our economy, and our ability to attract foreign direct investment, in grave danger. And if we haven't learned that by now, we should have learned it,” said the senator.

PANEL VIEWS
With these high-level views set out, the industry panel, comprising Desiree Lee, CTO, Armis, Michael Conway, director, Renaissance, Pat Larkin, CEO, Ward Solutions, and Kevin O’Loughlin, CEO, Nostra, were joined by the senator.

I put a series of questions to the panel, to get the business view, in terms of challenges, awareness, and importantly, readiness. I asked the panel, from their respective areas of experience and expertise to characterise the experience of the businesses having to operate in this environment.

Larkin said that a series of significant attacks is being seen every day. It is underreported, and often covered up. Driven by financial gain, the attacks are causing huge losses.

O’Loughlin agreed and added that businesses are divided into those who have had an incident and have acted accordingly, and those that haven’t yet had a serious loss and are still not properly motivated to do what is needed to protect themselves.

There are a lot of Irish companies that still don’t have the basics in place, he stated. Out of 48 engagements last year, 4 had what would be regarded as the basics in place, he said.

CLOUD MOVES
Lee reported that many companies think that a move to the cloud extends security coverage for them, solving security issues, but often forgetting that everything that is not in the cloud still needs protecting to the same level. When you mix modern architecture with traditional architecture, she said, you still have the old challenges that need to be looked after.

Conway emphasised the lack of information and resources for businesses in Ireland, and the part that forums such the CyberExpo can play in sharing knowledge and bringing new developments to the user base.

There is a lack of awareness and education in terms of continuity, he said. The pandemic has shown up how important continuity is and how easily it can be disrupted. Businesses need to do more, to re-engineer and re-architect to be more resilient because we have seen that this is not widespread.
The panel agreed that threat intelligence sharing is vital, and when combined with a blameless culture, can do most to raise all boats in the current challenging environment.

ESTONIAN EXAMPLE
From a public services and institutions perspective, Senator Craughwell said Estonia is the model to which we should aspire. A question from the floor asked if the office of the Data Protection Commissioner had a part to play, to which most agreed to an extent. A further question asked if a ‘carrot and stick’ approach with insurance providers at the centre, was necessary. Again, broad agreement met the question, but only as part of a multi-layered approach, as highlighted previously.

The debate was concluded by Dwyer, who quoted the address made by US President John F Kennedy to the joint houses of the Oireachtas in 1963. In it, Kennedy quoted George Bernard Shaw, among others. President Kennedy talked of the impact Ireland has had, despite its size and wealth, due to the character of its citizens. Dwyer, echoing Kennedy, reminded us of the great Shaw idea.

Shaw said some people see things and ask why? “But I dream things that never were, and ask, why not?” said Shaw. Dwyer went on to argue that the problems of the world can never be solved by sceptics or cynics, whose horizons are limited by obvious realities. “We need men and women who can dream things that never were, and ask why not,” he said.

“And that's why today we want to invite you to join the National Cyber Advisory Board. This will be a board that will challenge, inform, and support the Irish Government in what we need in a cyber strategy in this country.”

For more information, go to cybertaskforce.ie

“Apply to join that board,” Dwyer urged. “We need everyone to be part of that solution. This can be tail wagging the dog. We can all become part of the solution.”