The HSE cyberattack should prompt us to join NATO

hmmm

Dohvolle wrote: »

Theft of the medical history of the state's citizens is not industrial espionage. Closure of the State's health IT infrastructure is not industrial espionage.
It's a level above that.

I can't believe people are trying to underplay this.

What is the purpose of our defence forces if they were not involved in the defence of the most serious attack on our infrastructure possibly in the history of the state? I'm not criticising them because I agree with everyone else who has said they are not being given the resources or influence. How much support has the talking shop of PESCO provided to us during this?

We don't ask companies or our public services to install anti-air defences to fight off air attacks, but we expect them to fight off cyber-attacks. There is a mentality problem here which has cost us dearly this time.

Estonia and to a lesser extent Ukraine are countries which have had to take this seriously. We've suddenly been catapulted into somewhere close to the front lines and it's a lonely place to be.

sparky42

hmmm wrote: »

I can't believe people are trying to underplay this.

What is the purpose of our defence forces if they were not involved in the defence of the most serious attack on our infrastructure possibly in the history of the state? I'm not criticising them because I agree with everyone else who has said they are not being given the resources or influence. How much support has the talking shop of PESCO provided to us during this?

We don't ask companies or our public services to install anti-air defences to fight off air attacks, but we expect them to fight off cyber-attacks. There is a mentality problem here which has cost us dearly this time.

Estonia and to a lesser extent Ukraine are countries which have had to take this seriously. We've suddenly been catapulted into somewhere close to the front lines and it's a lonely place to be.

PESCO doesn’t operate like that, are we even active in the Cyber projects?
https://eucyberdirect.eu/content_knowledge_hu/cyber-related-pesco-projects/
I mean we are only actively involved in one (maritime surveillance) and just “observer status” in another 8 so that’s not any use to us.

sparky42

RTÉ reporting that they have sent a decryption key, so did the HSE actually pay the ransom?
https://www.rte.ie/news/2021/0520/1222857-hse-weekly-briefing/

Cypher_sounds

sparky42 wrote: »

RTÉ reporting that they have sent a decryption key, so did the HSE actually pay the ransom?
https://www.rte.ie/news/2021/0520/1222857-hse-weekly-briefing/

Nope.

sparky42

Cypher_sounds wrote: »

Nope.

If they did they are never going to admit it, but with nearly a week now being offline I can imagine plenty of pressure to do something.

Dohvolle

Word is the Russian Government gave them an offer they couldn't refuse.

knucklehead6

Dohvolle wrote: »

Word is the Russian Government gave them an offer they couldn't refuse.

The HSE or the hackers?

tdf7187

Screw NATO. We need an off-the-books special ops department. Find and terminate the perps with extreme prejudice. Obviously this could not be subject to Dail oversight. We don't want the likes of Paul Murphy screeching and wailing about human rights.

irishrgr

It is interesting to watch this play out from the US, although, it's not getting any traction in the US media.

I have to agree, that joining NATO, while it is useful, I don't know that NATO is at a point to conduct offensive cyber operations given it is a consensus based organization. Debating a cyber action would defeat the purpose, unless it was a standing order of some sort. Cyber attacks are very hush hush.

In the policy world, there is a lot of discussion over the question of "does this constitute an act of war?". Given that if another nation state dropped a bomb on a power station, it's clear. If they drop a virus in and cripple the station, is it the same thing? Pundits beat that one to death.

I've probably said this before, Ireland needs to get over it's strategic arrogance about neutrality and wake up to 21st century geopolitics. Ireland has made its position on cyber very clear, the National Cyber Security Center doesn't have a director, (they grade & pay are an insult), it doesn't have a cabinet level position and the DF bodies seconded have been vacant due to shortages. The Natl. Cyber strategy hasn't been updated since 2017, that says it all really. Ireland doesn't have the resources for this sort of thing, so joining alliances and sharing is the only way ahead.

Cyber is hard, most people don't understand it, less so politicians. It's expensive, complex and very dynamic. The US has a CYBERCOM dedicated to it, and we still had the Solar Winds hack of the DoD. I just don't think Irish political leaders understand broad strategic issues like this and there is no lobby for it.

A possible silver lining would be to invest in the DF Cyber capability, especially given the commission is meeting during this.

Or, perhaps Mary Lou could just ring the hackers, and tell them "sure we're neutral" and they'll apologize right away I'm sure. Another positive, seeing as something like one third of the Garda stations are still not connected to the internet, at least they are safe :-)

Don't get me wrong, this sucks, Ireland is in a bad way. And think about what other systems in the country have been infected and are just waiting quietly.

Larbre34

tdf7187 wrote: »

Screw NATO. We need an off-the-books special ops department. Find and terminate the perps with extreme prejudice. Obviously this could not be subject to Dail oversight. We don't want the likes of Paul Murphy screeching and wailing about human rights.

While I agree in principle, one does not simply set up an office and order the headed paper marked Irish Secret Intelligence Service.

We have no assets, we have no contacts, we have no experience in the field. The only way something like that could happen is to have a friendly nation do it our behalf and on our dime. And in all liklihood, not even our closest friends internationally would do it without being in a formal alliance that provided for the sharing of secret intelligence.

Besides, these f***ers pose a grave threat to the State and private ICT systems of every major nation. I suspect if the US or Britain or Israel had been able to pin down who and where they are, they would have eliminated them already.

Larbre34

Dohvolle wrote: »

Word is the Russian Government gave them an offer they couldn't refuse.

Being in debt to Russia as a nation in any sense, but particularly for something like this, is a very very bad situation to be in.

Frankly we'd be better off keeping it between the Government and the hackers.

Listowel Man

the Irish government have until Monday to pay the HSE hackers

Traumadoc

hmmm wrote: »

The cyberattack on the HSE is being treated as a criminal matter. The reality is that we are likely dealing with attackers who are operating out of a country which has given them tacit approval for their actions. As someone else said, once you do this as a country you end up with 20 year-olds implementing foreign policy, and I think it is as much of an attack on this country as if it had been a kinetic attack.

If this had happened in a small NATO country you'd have seen some consideration of invoking the mutual protection clause. There's a diplomatic element to this (drawing up the rules of what is acceptable in cyberwarfare) and it also would have given them the ability to draw on the resources of other states.

Unfortunately for us we now have a problem as we've been marked as relatively weak and this will encourage more attacks (that's not to denigrate the hard work being done by people to try and recover from this).

Our fortunate geographical position has largely protected us to date. In cyberspace geography means very little, and we can very rapidly end up on the front line of what will be a new form of warfare. We need to seriously consider whether we have the ability to protect ourselves in this new environment, and if not what we do in response.

You really think NATO countries are protected or attacked less?

ineedeuro

Maybe instead of joining NATO we just ask our pubic servants to do their jobs?

Swindled

How is paying additional taxes to NATO, in a country with one of the best private sector tech capabilities in the world, going to cure Irish public service mangers incompetence ?

Larbre34

Swindled wrote: »

How is paying additional taxes to NATO going to cure Irish public service mangers incompetence ?

By giving us access to the kind of joint resources our taxes could never pay for in a million years.

Its thinking like yours and your friend above, that has us the way we are.

Topgear on Dave

Relax lads. Our magical shield of neutrality will protect us.

Edit: also something else will go wrong at some other part of the hse in a fortnight, the IT issues will be forgotten and resources are needed on the frontline.

ineedeuro

Larbre34 wrote: »

By giving us access to the kind of joint resources our taxes could never pay for in a million years.

Its thinking like yours and your friend above, that has us the way we are.

What way is that?

Swindled

Larbre34 wrote: »

By giving us access to the kind of joint resources our taxes could never pay for in a million years.

Its thinking like yours and your friend above, that has us the way we are.

Yep, let's treat the symptoms instead of the cause, great idea.
Yep, NATO are so great, they will cure Irish pubic sector management incompetence, and clean up after then every time for us.

Larbre34

ineedeuro wrote: »

What way is that?

Vulnerable, under resourced, behind the curve.

ineedeuro

Swindled wrote: »

Yep, let's treat the symptoms instead of the cause, great idea.
Yep, NATO are so great, they will cure Irish pubic sector management incompetence, and clean up after then every time for us.

We join NATO and then every country has a reason to come after us

Imagine how long it would take the terrible public service down around here? 2 or 3 mins before they cripple the whole place?

A crowd of incompetent clowns in the HSE and suddenly some people are talking about joining NATO and going to war. Baffling

Maybe, just maybe, we should ask people to do the job they are paid to do.

ineedeuro

Larbre34 wrote: »

Vulnerable, under resourced, behind the curve.

We are one of the major IT hubs in the World. We have a terrible public service run by terrible politician who are voted in by the public. People like the two lads from Kerry

What other way do you think it would be when people vote those clowns in? In the last election the biggest party was a crowd who support murders and child abusers.

Maybe we should fix our political system first?

Montage of Feck

We should consider also the Warsaw pact.

Larbre34

ineedeuro wrote: »

We are one of the major IT hubs in the World. We have a terrible public service run by terrible politician who are voted in by the public. People like the two lads from Kerry

What other way do you think it would be when people vote those clowns in? In the last election the biggest party was a crowd who support murders and child abusers.

Maybe we should fix our political system first?

I can't argue with that. But thankfully those you mention have not had influence in Government.

I'm not sure how you intend to "fix" democracy though, other than to put your name forward on a ballot and make an argument that is different to what has gone before.

Fundamentally you're right of course, we elect local politicians to do a national job and it should be a national assembly of policy and not a local talking shop of parish pump. Can't see the Healy Raes or the Shinners vote to change that anytime soon though. Can you?

Topgear on Dave

Montage of Feck wrote: »

We should consider also the Warsaw pact.

"You don't join Warsaw pact. Warsaw pact join you." :P

Sonic the Shaghog

Jesus Christ NATO and spec ops teams going around assassinating hackers. They'd be flying to Russia one week to kill a group of scammers, Latvia to riddle a bunch of 17 year olds in their mothers basement the next and off to blow up an office block of scammers in Pakistan or Nigeria the week after, ya that would go well

Lay off the 24 and Strike Back reruns lads ffs

Larbre34

Sonic the Shaghog wrote: »

Jesus Christ NATO and spec ops teams going around assassinating hackers. They'd be flying to Russia one week to kill a group of scammers, Latvia to riddle a bunch of 17 year olds in their mothers basement the next and off to blow up an office block of scammers in Pakistan or Nigeria the week after, ya that would go well

Lay off the 24 and Strike Back reruns lads ffs

Thats absolutely what should happen.

Anyone who would target the treatment system of hundreds of thousands of ill and vulnerable people, especially while that system is under extraordinary pressure dealing with a pandemic, for financial gain, does not deserve to live. I don't care who they are, where they are or what age they are.

Its really that simple.

Larbre34

So, it seems the nation of Belarus has committed, prima facie, an act of air piracy on an Irish/EU registered aircraft.

An EU internal Ryanair flight from Athens, Greece to Vilnius, Lithuania received a warning from air traffic control in Minsk, Belarus, while transiting the airspace of that jurisdiction, that they had information of some sort of security compromise on board and that the aircraft should land as an emergency, which it did in Minsk.

It turns out a Belarusian dissident was on board and was taken into custody, suggesting the security message was a ruse to interfere with the flight, aka piracy.

Another act of aggression against this State from a totalitarian Country in eastern Europe, although much more serious because it seems to have been perpetrated by the State authorities.

When is our Government growing to grow some balls in my question?

sparky42

Larbre34 wrote: »

So, it seems the nation of Belarus has committed, prima facie, an act of air piracy on an Irish/EU registered aircraft.

An EU internal Ryanair flight from Athens, Greece to Vilnius, Lithuania received a warning from air traffic control in Minsk, Belarus, while transiting the airspace of that jurisdiction, that they had information of some sort of security compromise on board and that the aircraft should land as an emergency, which it did in Minsk.

It turns out a Belarusian dissident was on board and was taken into custody, suggesting the security message was a ruse to interfere with the flight, aka piracy.

Another act of aggression against this State from a totalitarian Country in eastern Europe, although much more serious because it seems to have been perpetrated by the State authorities.

When is our Government growing to grow some balls in my question?

And what exactly would you suggest the state do, even if we had a NATO standard defence spending? Belarus knows apart from strong language nobody in Europe is going to be arsed reacting to this.

sparky42

Larbre34 wrote: »

Thats absolutely what should happen.

Anyone who would target the treatment system of hundreds of thousands of ill and vulnerable people, especially while that system is under extraordinary pressure dealing with a pandemic, for financial gain, does not deserve to live. I don't care who they are, where they are or what age they are.

Its really that simple.

No, no it’s not. Again even with a fully funded DF we wouldn’t be doing that.