Wednesday 20 September 2017

Cyber attacks are like 'biological warfare' and our Government must show leadership - security expert

Ransomware is causing havoc for computer users across the world. Photo: REUTERS
Ransomware is causing havoc for computer users across the world. Photo: REUTERS

Kathy Armstrong

Cyber attacks are similar to biological warfare and how we tackle them needs to change, a security expert has warned.

Paul Dwyer, CEO of CyberRiskInternational.com, said that those behind the ransomware keep creating new versions of the virus and our Government needs to be better prepare for this.

Mr Dwyer was speaking on Newstalk Breakfast after the WannaCry virus hit computer systems around the world, it caused chaos across the NHS and ambulances had to be diverted and operations cancelled as experts struggled to contain the attack.

He said: "This was an exploit by the National Security Agency which was put out into the world and is now being used by malefactors to attack businesses.
"So this was effectively a weapon from someone's arsenal in the NSA that has boomeranged back to the rest of the world because they didn't notify Microsoft in time or the rest of the world to say, 'hey guys, this tool which is very powerful and can do this is now out there'.

"They're the same people that said we should share intelligence and collaborate, we should help each other out because this is a global thing, there's no borders of barriers in the cyber world.

"This can be acquainted to biological warfare because we've often told how we need to learn lessons from the Centre for Disease Control.

"This is like a biological virus and we need to put controls in place to stop it spreading and we need to able to detect where it is and assist people.

"We need to remember that most maleware like this is dealt with by amateurs, advice is given out to people to how to deal with this but a biological thing to hit a city is dealt with by professionals sow e really need a change here in how this is dealt with."

The HSE has put security protocols in place since the attack was launched. REUTERS
The HSE has put security protocols in place since the attack was launched. REUTERS

Read More: How to protect your computer from future cyber attacks

He also said that our government must show leadership to protect Irish computer users.

He said: "Where's the Government advice and strategy in telling people with small businesses or home users ? This is part of the economy that keeps the whole country going and people need straightforward guidance in what to do on how to keep their systems going, from the guy with two PCs to those with up to 2000 PCs...

"Where the government strategy for what to do, people need guidance.

"This is basic cyber hygiene but I think the government need to go beyond gentle soft guidance a bit and mandate that people can't be running on systems that are  over 17 years old and cannot be passed without a lot of effort."

Read More: Global cyber chaos spreads with start of the working week

He also spoke of the challenged posed by tackling hackers.

Mr Dwyer said: "It's like a game of cat and mouse or whack-a-mole, the bad guys simply create a new version and get around it, this is what happens.

"We need to be vigilant and watch out for this."

Speaking on the same programme Richard Corbridge, Chief Information Officer of the HSE, said that his team were able to act fast to try to protect our health system.

Mr Corbridge said: "The HSE leadership met at around 4 o'clock on Friday afternoon and took the decision to treat this as a major incident, mobilise a team and remove the external connectivity to the emails.

"We were able to quickly take some very decisive actions, our biggest risk now is this morning when larger volumes of people come in to work, maybe they hadn't heard about the issues, they turn on their machines and we're asking that everyone turns on their  machine, nobody logs into their e-mails and we allow the solution to set in and we're pushing for this idea of think before you click all week.

"Everybody needs to be super vigilant all week."

Mr Dwyer advised that people can log onto www.cyberthreatsummit.com to check if their own e-mail account has been targeted.

Dublin Information Sec 2017, Ireland’s cyber security conference, addresses the critically important issues that threaten businesses in the information age. Tickets for the event at the RDS in Dublin can be booked here.

Online Editors

Editor's Choice

Also in Irish News