Global tech firms forced to report break-ins by hackers to Irish watchdog

Kevin Doyle and Robin Schiller

Vast amounts of personal data is stored on mobile devices – including financial information, personal photographs and even location history (Stock photo)
Vast amounts of personal data is stored on mobile devices – including financial information, personal photographs and even location history (Stock photo)

Ireland is to become chief regulator of online security in some of the biggest companies in the world, including Google, Apple, eBay and Microsoft.

Banks, airlines, IT giants and utility companies based in Ireland will have to report breaches of cyber security to the Government under new laws to be introduced.

Communications Minister Denis Naughten will today brief the Cabinet on the establishment of a National Cyber Security Centre (NCSC) which will be charged with protecting some of the leading companies in global industry.

It comes on foot of a Cyber Security Directive from the EU which will require particular utilities and businesses to report cyber incidents on a mandatory basis and to meet particular security standards.

The State will also police a new regulatory regime on so-called Digital Service Providers (DSPs), including cloud providers, search engines and online market places.

Ireland already has responsibility for dealing with data protection issues at some multinational companies based here.

"Business confidence will be somewhat dependent on the State's ability to implement this directive in a pragmatic manner that respects EU obligations," a source said.

"Significant resources will be required and primary legislation will need to be passed by May 2018." A public consultation process will launch shortly.

Mr Naughten's department will also shortly start the process of recruiting eight staff for the NCSC and is engaging with the Department of Public Expenditure on a secondment programme for staff from other departments.

Attacks

A number of global websites including Twitter, Spotify, PayPal and Reddit were inaccessible on Friday after hackers unleashed a series of attacks on a company that acts as a switchboard for the internet.

Ireland will now be charged with mitigating attacks of that scale for major companies on a pan-European basis.

Meanwhile, gardaí have warned that 2.3 million people in Ireland using smartphones could be at risk of having their personal information compromised in a malware attack.

Vast amounts of personal data is stored on mobile devices - including financial information, personal photographs and even location history.

Gardaí have warned that information on smartphones is a target of cybercriminals.

The proportion of web traffic on phones in Ireland is almost one-third higher than the European average, and one-quarter higher than the UK.

The Garda Cyber Crime Bureau is advising phone users that passwords on online bank accounts may be at risk if their phone is subjected to a malware attack.