Northern Ireland Infrastructure Is Under Attack By State Actors, Says Top UK Cyber Agency

Ciaran Martin

According to Ciaran Martin, the top dog at UK’s cyber security agency, significant” online attacks are being launched against Northern Ireland infrastructure by a state actors.

He made the revelation on a two-day visit to Belfast during which he briefed the permanent secretaries of Stormont departments and delivered a speech at Queen’s University.

The NCSC was set up by the UK Government last year and so far have managed 590 significant cyber incidents across the UK while preventing tens of millions of attacks through active cyber defense measures.

While Mr Martin said that the UK had not yet been the subject of a ‘category one’ very serious national level emergency, such as an attack on power grids or a State broadcaster, he added that his organization expected a “significant scale attack” in the next few years.

He said: “The risk is there, I don’t want to over-hype the risk, but in a digital economy like NI there are critical systems – the NHS, there will be power grids and so forth – so part of our job is to help the owners of those networks and make sure that if there is a large-scale very serious attack that it can only do a certain amount of damage and it can’t paralyze the system. Part of the NCSC’s job is, over time, to build in that resilience into the system so that large-scale damage is less likely.

“So a very serious attack is possible. I wouldn’t say it’s statistically more probable or less probable that it would happen in Northern Ireland than England or the Republic or somewhere else. What I would say with high confidence is that there is an everyday risk to the economy here from that sort of low sophistication, but highly prolific, set of attacks. There is always the potential for a very serious attack, and certainly at a UK-wide level I think we expect a ‘significant scale attack’ in the next few years.”

The agency chief revealed that much organized cyber crime originated in eastern Europe, particularly Russia.

He continued: “Mostly you’re just talking about low-level prolific tech where someone wants to steal a few hundred pounds, someone wants to hold a business to ransom, someone wants to steal a data set. It’s just that corrosive, low-level damage where each individual attack is of no particular strategic significance, you add them all up and you’ve got a big problem and that’s what we’re trying to fix.

“The main source of cyber attacks are hostile foreign states and international criminal groups, they’re not terrorist groups or paramilitary groups whether here in Northern Ireland or elsewhere. Paramilitary and terrorist groups across the world tend not to have very sophisticated cyber attack capabilities. It’s mostly an organized criminal network, it may be under the sponsorship of the state, but it’s a bunch of people sitting in cubicles looking at screens trying to do a large-scale attack.”

He advised that everyone take “sensible precautionary measures” against online threats.

“The main types that you’re likely to encounter are theft of credentials in order to enable identity fraud, and as we’ve all seen, ransomware, where businesses are held to ransom – their data stolen and all their files are encrypted and they are asked to pay. Both of those are very large-scale problems,” he said.