| 13°C Dublin

Security beefed up to save CAO website

A NEW website security system installed by the CAO will repel any attempted repeat of last year's cyber attack, it is hoped.

Tens of thousands of Leaving Cert students will log on to the site on Monday to see what third-level courses they have been offered.

And the service will be on high alert after many school leavers were prevented from accessing the information for a number of hours last year.

CAO operations manager Joe O'Grady told the Herald a new "enterprise-level" security system has been installed to ensure everything goes smoothly.

The program is suitable for organisations the size of the CAO, which will be handling heavy online traffic.


It was developed "with our own people as well as external security advisers", he said.

A review undertaken in the wake of the attack last August pointed to a need for increased online protection.

The new system is designed to deal with heavy traffic and any security issues that may arise like last year's denial-of-service attack.

Recent suspicious activity on the site had no effect on the system, indicating the upgrade is working.

"We have put the measures in place to ensure the system is operational," Mr O'Grady said.

"We expect it to operate as normal."

The CAO passed on details of the 2010 attack to gardai.

A spokesman for the Garda told the Herald the probe is "ongoing".

He did not say whether there had been any arrests or whether charges were imminent.

On August 23 last year, the site was hit with a denial-of-service attack at 6.10am, 10 minutes after college offers went live. The site was not fully functional again until 3pm.

Mr O'Grady had described it as a "malicious" attack, which came from an unknown source.


In a denial-of-service attack, the site is swamped with page requests to prevent it from responding to legitimate traffic.

As false internet provider addresses were used, it has been extremely difficult to locate the computer that was used.

Data from the Information Systems Security Association and the UCD Centre for Cybercrime Investigation suggests that 30pc of Irish organisations have been victims of denial-of-service attacks.

Experts have pointed out that Irish law does not contain a specific criminal offence to deal with this type of behaviour.

The points needed to gain entry to CAO courses increased last year, representing a reversal of the recent trend.

Don't miss your CAO special in Monday's Herald