The suggestion that the computer of a Cabinet Minister – one of the most senior members of the Government – has been hacked is, you might think, a grave matter of national security. And yet, though such a hacking was revealed this week by the Secretary General of the Department of Health, it has received scant attention.
Here is what Robert Watt told an Oireachtas Committee this week, in evidence described by Committee Chairman John McGuinness as “falling well below the standard expected of a senior civil servant”:
Mr Watt also disclosed that while Stephen Donnelly knew of the plan “in generality” and there was an attempt to send him a more detailed note while he was in America.
However, Mr Watt disclosed that his “machine was hacked” so he he did not receive an email with the details of plans to allocate €2m in funding towards the position. “His system got corrupted and it slipped our mind to give him the detail,” Mr Watt said without providing much more by way of detail. “There was an IT challenge with the minister and the system.”
Objectively, the Minister for Health’s computer being hacked should be a major national scandal that prompts an urgent, Government-wide review of IT security protocols and the involvement of the Gardai, the Defence forces, and the state’s intelligence services. In reality, however, this revelation prompted mild criticism at an Oireachtas committee. Why?
Followers of Irish news will be aware that this is not the first hacking incident involving the Department of Health. On May 14th, 2021, the HSE fell victim to a ransomware attack which resulted in the personal data of 520 Irish patients being published on the internet. At that time, it was revealed that the Irish Cybersecurity Centre has a budget of just €5m annually.
This particular hack, if it happened, would have occurred about nine months later, making it even more scandalous: Fully nine months after the biggest cybersecurity breach in the history of the state, we are led to believe that the computer used by a cabinet minister (or, if you read Watt’s words differently, that of a very senior civil servant) was hacked, and his emails intercepted. The security implications are mind boggling: Ministers routinely receive security briefings, sensitive commercial information, travel arrangements, and a whole lot more.
And yet, this revelation is relegated to a minor footnote in the Independent’s coverage of the hearing, and seems to have received barely any follow up from the legislators who were questioning Robert Watt. Why?
One reason, I think, is that to many of them the “computer was hacked” story smells a little like nonsense: It’s the de facto, go-to excuse for a politician in email or social media trouble. It was rolled out, a few years ago, when an elected MEP appeared to type his google searches for nude images of another politician into his twitter account by mistake: That, we were assured, was a hack. It is the standard excuse when some prominent person accidentally reveals in a tweet or other social media post their interest in pornography. And now it is an excuse for a cabinet minister not getting an email.
The difference here is that hacking somebody’s social media account to post pictures of Father Jack Hackett’s favourite thing in the world besides drink and feck is not the same thing at all as hacking the computer of either a cabinet minister or his most senior civil servant. If that excuse is employed, then it is an admission of a security breach unparalleled in the history of the state. And if one senior official’s computer can be hacked, then what of those of others?
There are, of course, reasons to be sceptical of the claim made by Watt.
Primarily, there’s the issue that a hacker sophisticated enough to break into the machine of somebody that senior would presumably want to keep their presence a secret: Why steal emails once, if you can maintain access and steal them on an ongoing basis. If your aim is espionage, then you’d want to keep the bug in the machine alive and well and undetected on an ongoing basis.
Further, the “hack” excuse just so conveniently tends to exculpate one of our most senior civil servants of the charge that he did not inform his Minister about an embarrassing scandal that had not yet become a scandal. “I sent the email but he didn’t get it because there was a hack” is exactly the kind of nonsense one might theoretically come up with in a rush if one wanted an excuse.
But something sounding like nonsense doesn’t mean it is. And there are two reasons for further investigation.
Either, on the one hand, Watt was spoofing – and we have to believe he wasn’t. Or on the other hand, there was a major security breach.
He should be brought back, with other officials, to answer more questions on this point. I can’t imagine he would relish the prospect, which is another reason to do it.
Loading ...