The Northern Ireland Civil Service blocks between 80m and 100m suspicious emails every month, with a “large portion” likely to contain malicious cyber threats, it can be revealed.
The shocking figures lay bare the threat to the public sector posed by cyber criminals.
Earlier this year, a cyber attack on the Republic’s health computer systems was branded as possibly “the most significant cybercrime attack on the Irish state” in its history.
The Department of Finance (DoF) handles personnel issues for the Northern Ireland Civil Service (NICS). Finance Minister Conor Murphy was asked how many cyber crimes have been launched against the NICS in recent years.
Mr Murphy said it is not possible to say precisely how many attacks have occurred, however the number of “hostile events” blocked by the NICS network firewalls are a good indication of the scale of the situation.
In the last 30 days, he said 604,080 possible cyber attacks have been blocked from entering the NICS network.
“The NICS blocks between 80-100 million emails per month from entering the NICS email domain. A large portion of these emails are likely to contain malicious cyber threats,” he added.
Ulster University cyber security Professor Kevin Curran said one of the biggest challenges facing organisations, both public and private, is ransomware attacks, which encrypt files on a device, rendering them unusable, until a ransom is paid to hackers for the files to be unlocked.
“Monetarily, these attacks can have a significant impact, as it can cost a lot of money to have infected systems cleaned. With everything going online these days, attacks like these are becoming more common,” he told the Belfast Telegraph.
“Many of these attacks would not be targeted, but more indiscriminate probes sent out by hackers from anywhere. But still the significant damage can be caused simply from one person clicking something in an email — that’s all it takes. It terms of the level of protection companies or public bodies can have against such bodies, it all depends on the budget they spend on security.”
Prof Curran said no one can ever be 100% secure from these attacks — “the only way to be secure online would be not to buy a computer and, if you to buy one, don’t turn it on”.
Queen’s University cyber security expert David Crozier said many attacks involve artificial intelligence, which can “automatically spew out” mass amounts of attacks autonomously. “The numbers in the NICS’s case are so large because hackers are sweeping all email exchanges and network probes for the whole of the Civil Service, covering all departments and agencies,” he said.
“The key thing is that the Civil Service are taking a pro-active approach in defending their networks. Could you do more? Every organisation could always do more.
“The threat in real terms is exemplified in the attack on the health service in the Republic some months ago, there were operations cancelled and problems processing inpatient and outpatient appointments. These attacks have a very real impact in the day-to-day operation of organisations.”
Ulster Unionist MLA Steve Aiken, chair of Stormont’s Finance Committee, said the large, and growing, number of cyber-attacks on our critical infrastructure is now a “major risk” to our public services.
“While many of these have been thwarted, the sheer volume of these ‘mass attacks’ means that, regrettably, some may indeed get through. The impact by cyber-terrorists on the Irish health system is a case in point,” he said.
“Being part of the United Kingdom with our own significant cyber defence capabilities is an important deterrent to attacks, but we cannot afford to be complacent. In this uncertain world, state and non-state actors, including from Russia, China and others seeking to undermine western democratic systems, we need to ensure that we invest in proper cyber security and realise that all levels of government, from the Council Office to the centre of our NICS departments, are under this very real threat.”
DUP MLA Pam Cameron added that it would be important to ascertain any data in relation to different types of threat.
“For instance in terms of the emails quarantined, how many of these are phishing attempts or are attempts to send a virus into the network? Details on ransomware attempts and social engineering attacks would also help to identify the most serious cyber-attacks faced by the NICS network,” she said.
“Overall it is vital that the Civil Service keeps a high alert against all forms of cyber-attacks. Given the importance of the network and the information that will be held on it, there is an obvious need to ensure the highest level of security.”
The DoF said: “The NICS remains vigilant and have invested significantly in technology defences and security operations to increase our cyber resilience.
“The Department works collaboratively with the National Cyber Security Centre (NCSC), Cabinet Office, Irish Government officials and devolved administrations to prevent successful cyber attacks. We also have an ongoing awareness programme for staff to highlight likely threats.”
The PSNI said it works with a range of partners from across law enforcement, industry and the public and private sectors to guard against cybercrime.
“We are continuously working to track down and apprehend those seeking to utilise computers for criminal ends, and to disrupt the technical networks and infrastructures supporting both national and international cybercrime,” said Detective Chief Inspector Paul Woods.