An emergency response service to counter threats to computer security, such as viruses and phishing, is in its early stages, writes Brian Skelly
The Department of Communications, Marine and Natural Resources is in the early stages of developing a national computer emergency response service which would give computer users early warning about potentially destructive computer security threats, such as virus, spam and phishing attacks.
It would also provide support to organisations and individuals worried about the computer security threats they may be facing.
The service would be provided by a national computer emergency response team (Cert), which would be non-commercial, not-for-profit and independent. Although a Cert for the educational sector exists within HEANet - the organisation that manages the computer network linking third-level institutes in the State - and some internet service providers (ISPs) have their own Certs in place, there is no national system serving the general population of computer users and protecting the national internet infrastructure.
In this sense, Ireland is unusual within its international peer group, according to independent computer security consultant Brian Honan of BH Consulting, who is currently researching the need for such a system.
"Ireland is one of the few countries in the western world that doesn't have a Cert. Most other countries have a Cert in some shape or form that's looking after the country's networks."
Honan believed the case for establishing a national Cert is stronger than ever. "Information threats have become much more serious. Hackers or virus writers are no longer doing it just for fun. They're writing viruses and developing hacking tools to break into companies, to steal credit card information, to steal personal information. There is a much bigger criminal element now and it's much more targeted and much more organised."
The role of the Cert would be to advise computer users about new threats to computer security as well as inform them about new vulnerabilities that have been discovered in widely used software and applications.
In addition, where attacks have occurred, alerts are sent out to users so that they know to be extra vigilant.
"It's kind of like neighbourhood watch for the internet. If you find out your neighbour four doors down has had a break-in and that the intruder got in through an unlocked back door, you'll be more likely to lock your back door," Honan said.
According to the Irish Computer Society's website, specific services that the Cert might offer include:
n providing advice and guidance to businesses and individuals who may be victims of information security incidents;
n providing information and guidance to businesses on how best to protect their information and systems using white papers, best practice guides and so on;
n providing a resource whereby computer security incidents can be reported anonymously and in confidence with advice given as to how best to handle the incident (unless the incident relates to illegal activity, in which case it would be reported to the Garda);
n supplying the Garda with an intelligence source as to what cybercriminal activity is happening in Ireland in order for it to best utilise its resources;
n providing an early alerting service to companies to attacks that are happening to other Irish companies. This would be based on companies sharing their experiences anonymously with the Cert so that the Cert can alert other companies of the potential threat and offer advice on how to counter it;
conducting surveys on information security matters within Ireland to get a better idea as to what is happening in the Irish internet community.
In theory, the Cert would help guard against security threats such as phishing - a scam that involves getting people to disclose banking details or other sensitive information by sending them a fraudulent e-mail and pointing them to a bogus website, which harvests the information.
Phishing has become an increasingly serious problem in recent years as professional criminals have realised there is serious money to be made from internet fraud.
There have been numerous phishing attacks worldwide as well as in Ireland. During the summer, for example, a successful phishing scam that targeted Bank of Ireland customers netted the attackers €113,000.
It has yet to be decided when the Cert will be established and where it will be based. Two broad possibilities are envisaged at this stage. One would be that the Government sets up an independent facility with its own staff and a budget big enough to provide a 24-hour emergency response service to victims of internet security attacks.
The other is a more low-key service that would be staffed by volunteers from the IT industry and offer advice over the telephone during office hours.
The former option would require significant funding from the Government while the latter could be done more cheaply and would probably be funded by industry.
The process is currently at a consultation phase, which involves asking representative bodies such as employers group Ibec, Chambers Ireland and the Irish Computer Society what they would find useful in such a service. An online survey has also been sent to various industry bodies and individual companies to get feedback.
A spokesman for the Department of Communications said no decision had been taken as to when, or even if, a Cert would be developed. "It's early days yet. We have some Certs already in the country and whether or not it is the way forward in the light of other international developments, we're just not too sure. So that's where the scoping exercise comes in."