---

Almost 800 cyber-security incidents in 2023

The National Cyber Security Centre (NCSC) says that it recorded 791 confirmed cyber-security incidents last year, which led to 309 investigations. 

The NCSC’s role is to monitor, detect, and respond to cyber-security incidents in the State. 

Writing in the Annual National Cyber Security Update, the centre’s director Richard Browne said that it had doubled staff numbers to 60 over the course of 2023. 

Overall, it received more than 5,200 reports of cyber-incidents last year. A cyber-security incident is any adverse event that threatens the confidentiality, integrity, authenticity, or availability of a network or information system. 

Most incidents ‘less severe’ 

The report says that the “vast majority” of incidents were categorised as CAT-5 – at the less severe end of a scale of severity that runs from one to six. 

There were no incidents reported that were deemed severe enough to be CAT-1 or CAT-2, the two categories containing the most danger to the State. 

The report says that the most observed cyber-incidents were those carried out by criminal groups seeking financial gain.  

They mainly used phishing attacks and malware distribution, usually via email. 

Media discourse

“A notable trend in 2023 has been the rapid growth in so called ‘hack-tivist’ activity targeting web services in Ireland and attempts at state-sponsored disinformation,” the report states.

It adds that hack-tivists usually deploy Distributed Denial of Service (DDOS) tools to try to impair the proper functioning of websites. 

“These are inexpensive and low-impact attacks, with their primary motivation being to seek to shape political and media discourse in the State,” the report continues. 

The NCSC says that it has observed “a number of state-backed hack-tivist groups” engaging in activity in Ireland in 2023, adding that it has been able to attribute these to “specific intelligence and security services”.