Dáil Éireann Debate, Tuesday - 13 December 2022
182. Deputy Niamh Smyth asked the Minister for the Environment, Climate and Communications the status of his Department’s investigations of the HSE cyberattack in May 2021; if a foreign power was involved; the measures that have been taken to prevent such an incident from reoccurring; and if he will make a statement on the matter. [61790/22]
View answerThe National Cyber Security Centre has a broad mandate to lead in the management of major cyber security incidents, provide guidance and advice to citizens and businesses, and manage cyber security related risks to key infrastructure and services. In July 2021, arising out of a capacity review commissioned prior to the HSE incident, the Government agreed a number of significant measures to support the continued growth and development of the NCSC, including the expansion of staffing to at least 70 by end 2024. These measures also include the development of a dedicated HQ facility, and legislation to grant the appropriate mandate and authority to the NCSC to fulfil its important functions.
Earlier this week I launched a consultation on the Mid-Term Review of the National Cyber Security Strategy 2019-2024 which will inform further steps to develop the NCSC, support the continued development of the Irish cyber security sector, and further enhance the cyber security and resilience of essential services. I would invite all interested parties to review the consultation paper and share your insights to inform our priorities for the remaining years of the Strategy.
The NCSC led the national response to the Ransomware incident that affected the HSE in 2021, and shared a wide range of information on the tools, tactics and procedures used by the criminal groups involved. Since that time the NCSC has continued to work closely with the HSE in establishing systems to prevent incidents like this from occurring again.
The National Cyber Security Centre (NCSC) does not comment on operational matters.
