Independent Senator Gerard Craughwell has hit out at Ireland’s cyber security regime after an attack left Dublin Airport staff with their data compromised.
The cyber attack, which occurred last month, was against a file-transfer software called MOVEit, which is used by third-party service provider Aon. This went on to impact many global companies, including DAA, which operates Dublin Airport.
Specifically, the hack resulted in data being leaked regarding the pay and benefits of almost 2,000 DAA employees. Moreover, a spokesperson for Aer Lingus confirmed last month that as many as 5,000 of its employees were impacted by the breach.
“DAA can confirm that as a result of a recent cyber-attack on Aon, a third-party professional service provider, data relating to some employees’ pay and benefits was compromised,” the operator said in a statement.
“DAA takes the security of sensitive personal information extremely seriously and has notified the Data Protection Commission of the third-party breach.”
Reacting to the news on Twitter, Independent Senator Gerard Craughwell said “It really is time we all upped our game in all things cyber security,” adding: “The HSE has been hit twice, Aer Lingus, MTU – what more do we need to know?”
#cyberawreness
It really is time we all upped our game in all things #CyberSecurity. @HSELive has been hit twice Aer Lingus, MTU what more do we need to know https://t.co/1gNTw39dsV— Senator G Craughwell (@GCraughwell) July 2, 2023
Speaking to Gript about the matter, Craughwell said that regrettably Ireland “takes neither security or defence seriously.”
“I do see ongoing cyberattacks as a feature of modern living,” he said.
“The real issue is the need to build awareness right across the population. I hope to see a Cyber awareness program in our national schools as soon as possible.
“I believe that the library service must also be able to deliver cyber awareness programs.”
Craughwell added that the Louth and Meath Education and Training Board (LMETB) had “already started” the process of “upskilling the nation” regarding cybersecurity, adding: “There are a number of tailored courses available there. The task now is to expand to the other ETBs.”
At the end of last month LMETB rolled out a National Cyber Security Training programme, aiming to “help Ireland to become a global cyber security leader.”
Dundalk's AMTCE and LMETB launch National Cyber Security Training programme https://t.co/mpdmpmtqq8
— Louth Live Dundalk Democrat (@DundalkDemocrat) June 16, 2023
“The cyber-attack on the HSE was a wakeup call for Ireland,” Senator Craughwell said at the programme launch.
“Our citizens must quickly understand that our nation’s cyberspace will be exploited at all levels by rogue states and criminals from home and abroad. It was surprising to see how quickly the HSE story was consigned to history.
“Many seemed to accept that it was just one of those things we must learn to live with. Clearly cyberattacks must never become ‘just one of those things’ we must all accept that we have a role in defending ourselves and the state against such attacks.
“Most see cyber security as a job for government, the Gardaí or the NCSC, few see themselves as having a role. If we are going to have any chance at limiting the damage a cyber-attack could unleash on our country, its economy, and its citizens we are all going to have to up our game in cyber awareness.”