Ireland Gears Up for Cyber Battles Ahead of EU Presidency

As Ireland prepares to take the helm of the European Council, the nation's cyber watchdog is already bracing for impact. Cybersecurity incidents are expected during the six month EU presidency, with artificial intelligence increasingly weaponised by criminal networks to launch attacks on critical infrastructure and public services.

A Dress Rehearsal for Crisis

Authorities recently staged a major preparedness exercise, codenamed Operation Eriu, to simulate a full scale national crisis response to a significant cyberattack during the Irish presidency. The two day event brought together large technology companies and critical infrastructure providers, escalating from a calm baseline to a full blown national emergency that would activate the National Cyber Emergency Plan.

Dr Richard Browne, director of the National Cyber Security Centre (NCSC), told an Oireachtas committee that the assessment ahead of Ireland's presidency term, beginning on July 1, highlights a range of risks varying in likelihood and impact on the public.

AI and Geopolitical Instability: A Dangerous Convergence

Dr Browne warned that the presidency comes at a time of rare alignment between an unstable geopolitical environment and rapidly evolving frontier AI models. This convergence, he explained, creates a much more unconstrained operating environment for threat actors seeking to exploit vulnerabilities.

Since early last year, it has become clear that a number of large criminal cybersecurity enterprises are using AI tools to develop their own systems faster, representing a significant escalation in the sophistication and speed of attacks.

Ransomware, Espionage and Hacktivism

The NCSC has identified three primary threat categories during the presidency term:

• Financially motivated ransomware: A primary concern that can directly deny the availability of essential services to citizens, with long term effects on communities and public trust.
• Cyberespionage: A low cost, covert means of intelligence collection by certain states, targeting sensitive government data for political or economic advantage.
• Hacktivism: Hackers seeking publicity through malicious attacks, sometimes targeting critical infrastructure and exaggerating their impact online to create an impression of widespread insecurity.

Dr Browne described ransomware attacks as being like the weather, unfortunately, and said the watchdog expects to see more of them throughout the presidency.

Protecting Citizens and Essential Services

While the NCSC is not expecting something dramatic or entirely new in terms of threats, the emphasis remains on protecting the availability of essential public services that citizens rely on daily. The watchdog works to detect and disrupt live threats, providing early warnings to internet service providers and organisations with vulnerabilities in their systems.

Dr Browne cautioned against describing every cyber incident as a crisis, noting that many are small scale. However, he stressed that the NCSC has planned, prepared and exercised extensively for the presidency period.

There are few guarantees around security and there are a lot of contingencies in this particular case, but we believe we have put ourselves in a strong position, he told TDs and senators. The NCSC has heavily evaluated the presidency and believes it is in a fairly strong position, though it remains prepared for unexpected black swan events.

As Ireland steps into its role at the heart of Europe, the protection of our digital infrastructure is not merely a technical challenge. It is a civic imperative, essential to safeguarding the services and trust that bind our society together.