A report on cyber-crime commissioned by the Department of Justice and Equality says Ireland risks suffering indirect as well as direct consequences from cyber-attacks due to its status as a location of choice for many global technology companies.

The report, which is a review of the current international situation and does not contain policy recommendations, was co-authored by researchers Sheelagh Brady from Security Analysis and Research Consulting and Caitríona Heinl from the School of Politics and International Relations at UCD.

Unreported

They say that, as opportunities for cyber-criminals grow in line with the more remote working and an increased use of digital technologies generally, Ireland must have “top-tier advanced cyber-readiness capabilities” to avoid the indirect consequences of cyber-crime such as loss of confidence from outside investors.

The report says that activities linked to cyber-crime often go unreported to An Garda Síochána, adding that this is likely to limit the ability to create effective policy solutions.

The authors find that the most significant cyber-crime trends and threats currently include:

• Ransomware,
• Other malware threats,
• Data breaches and network attacks,
• Spearphishing (targeting specific individuals for the purposes of distributing malware or extracting sensitive information),
• Attacks against critical infrastructure.

'Scattered'

Assessing current Irish legislation, the report says the codification of cyber-crime remains “scattered” across many acts, though the transposition of instruments such as the EU’s GDPR rules into Irish law means that preventative measures are now more likely to be introduced by organisations.

It finds that while effective legislation is desirable, it is not always feasible to have this in place to meet the rapid pace of technological change.

The report also cites research on raising awareness of cyber-crime, which shows that a shift from general campaigns towards more precise efforts is needed to bring about better cyber-security and resilience.

The publication is part of a series of research papers commissioned by the department to inform future discussions on policy.