herald

Friday 30 September 2016

Hackers target garda computer systems in 'zero day' cyber attack

Specialist gardai from the Computer Crime Unit at the Garda Bureau of Fraud Investigations are attempting to identify the source of the malware attack (Stock picture)
Specialist gardai from the Computer Crime Unit at the Garda Bureau of Fraud Investigations are attempting to identify the source of the malware attack (Stock picture)

A major investigation is under way after gardai identified a malicious cyber-attack on their internal network.

It has emerged that a malware threat took place last Thursday, forcing IT staff to shut down a number of the organisation's systems.

Serious disruption was caused, including some gardai being unable to use their official email accounts.

Solution

The security breach has been identified as a "zero-day" malware threat - a software vulnerability that can be used to affect and exploit computer programmes, data, and networks.

In a statement, An Garda Siochana said an "appropriate solution" was used following the identification of the issue.

"Heightened security procedures were implemented and standard protocols were enforced across all Garda ICT environments to limit any effect on our systems," a spokesperson said.

"Working with security experts, the threat was identified and an appropriate solution was implemented across all Garda Siochana ICT (Information and Communications Technology) systems. An Garda Siochana are continuing our investigation into the incident."

Specialist gardai from the Computer Crime Unit at the Garda Bureau of Fraud Investigations are attempting to identify the source of the malware attack.

It has not yet been established if the security threat originated from within this jurisdiction or if the hack was made from outside Ireland.

The compromising of the garda network would be disastrous for the force, with thousands of sensitive documents stored on various networks and data servers.

Security

Intelligence reports, as well as the personal information of crime victims are stored on the Garda Pulse system, while forensic and DNA evidence are also stored electronically.

However, gardai have said that no data was compromised during the security threat, and that the Pulse system and the garda website were not affected either.

The ICT office was established in July 2008 in an effort to bring all ICT functions within the organisation into a single integrated unit. Providing a service desk to over 16,500 users, the ICT section deals with the management of 999 emergency calls, case management and character vetting.

The gardai's IT systems have been criticised in recent times by the Garda Inspectorate, with the independent body saying systems were decades out of date. In its 2015 report, the Inspectorate emphasised the need for "major upgrades" within the garda IT system.

"The need for contractors may be required by an organisation investing in new technology and embarking on major upgrades of existing systems," the report stated.

"According to the Human Resources Strategy for Information and Communications Technology, the best possible staffing mix within the ICT branch is one that represents the most flexible use of personnel.

"The would be in terms of overall costs, service delivery, ICT development and risk management."

Promoted articles

Entertainment News