The Director of the National Cyber Security Centre has said that the cyber attack against the HSE last year is unlikely to be repeated, but should have been prevented in the first place.
Dr Richard Browne told TDs and Senators that several measures were taken in the aftermath of the attack to strengthen the security of the system.
Appearing before the Oireachtas Committee on Transport and Communications, Dr Browne explained how the HSE cyber attack unfolded.
He said that a laptop was compromised and remained so for seven weeks. Eight days before the major cyber incident the malicious actor "broke out of that laptop" and started exploring the HSE network.
Dr Browne told Committee chair Kieran O'Donnell that once the laptop was affected, "it could have been caught, but not necessarily in and of itself that's not the end of the world".
He went on to say that the actor should have been caught as it travelled across the network.
"There were multiple signals there that should have been caught and they were found by people, so it was known that there was activity, but there was no action taken," he explained.
Members of the Committee were told that the NCSC currently has 33 staff members, with ambitions to reach 70 by 2024 and more beyond that.
Many politicians expressed concern over what they considered to be a small number of staff in the NCSC.
Mr Browne said that a new facility is being built in Dublin 4 for the NCSC, which will have space for significantly more staff. It will also meet NATO security standards.
Asked about the recent cyber attack on the Rehab group, Dr Browne described it as a relatively "straightforward low-level incident, with no operational impacts on the organisation itself".
He explained that Rehab notified the NCSC, Gardaí and the Data Protection Commissioner.
Dr Browne said that engagement with Rehab continued and told Sinn Féin TD Ruairí Ó Murchú that the NCSC was not aware of any link between the cyber attacks on the HSE and the Rehab group.
Politicians heard that a national security incident would see the NCSC directly take charge of the response, but the Rehab attack did not meet that threshold.
Instead, the National Cyber Security Centre is providing guidance to Rehab.
NCSC deals with roughly 3,000 incidents a year, the committee heard. The vast majority don't progress to significant attacks.
Fianna Fáil TD James O'Connor told the NCSC Director that politicians received very little guidance in terms of cyber security.
Dr Browne said that guidance has been published for politicians, but the NCSC is also seeking to do in-person meetings with TDs and Senators.
Mr O'Connor told the Committee that he was of the view that "information would leak out of here like a sieve, if a foreign Government wanted to engage in the monitoring of telephone calls which they obviously can do".
Fianna Fáil TD Cathal Crowe was told that an incident at Leinster House earlier this month, during which the email system went offline for a period, was not a cyber attack.
In his opening statement, Dr Browne told members that the war in Ukraine has resulted in manifold implications for national and international security. On that basis, he warned that threat levels and risks may change rapidly and seriously.
The NCSC has been operating at a heightened state of preparedness since late last year, and arrangements are in place to avail of external expert support as required.
TDs and Senators heard that the threat of cybercrime against the state and the private sector continues to be high but hasn't increased since the Russian invasion.
There has, however, been increased "scanning activity" both in Ireland, the EU and US but the threat from "destructive cyber attacks" conducted against entities in Ireland remains low.
The threat of an incident affecting a service at a European or Global scale is moderate.
