Hackers and fake accounts thwarted in lead-up to elections
Spokesman The Prepared Websites Was Were 'minimal', Was Impact Attacks For A That Mainly Said Of The Because Adding Attacks The Potential This
Irish security services identified fake online accounts linked to the Russian state that were generating “anti-government” messages in the run up to the election, the understands.
Garda HQ is believed to have engaged with the social media providers about the accounts and some of them were suspended.
The Garda Security and Intelligence Service only acts where disinformation is being carried out at the behest of hostile State actors.
It is thought that the suspect accounts were most likely linked to the Russian state or were operated by groups backed by the country’s intelligence services.
It comes as the National Cyber Security Centre separately thwarted cyberattacks from Russian hackers on the websites of State services, including Irish Rail, Bus Éireann, and voter.ie — a voting register service.
The Department of Communications, the centre's parent department, said it was part of an organised campaign across EU member states.
A spokesman said the impact of the attacks was “minimal”, adding that this was mainly because the websites were prepared for potential attacks.
It is understood that Garda Security and Intelligence Service was in contact with the National Cyber Security Centre in relation to the cyberattacks.
Separately, it is understood that Garda HQ has been working with other European intelligence agencies monitoring efforts to disrupt processes around elections.
It is thought that these accounts were either being operated by Russian intelligence services or by groups acting with their support.
It is understood that gardaí have engaged with online service providers in relation to suspected fake profiles, leading to some of these accounts have been suspended.
It is thought that Garda HQ has, generally, a good relationship with the main online service providers in Ireland.
The broadcasting commission, Coimisiún na Meán, has the lead role in Ireland in combating online harm and disinformation, with the Electoral Commission primarily involved in disinformation that affects the electoral process.
The National Cyber Security Centre has been working closely with the Electoral Commission on election security as well as local authorities.
National Cyber Security Centre boss Richard Browne told the last month that, while they deal with hundreds of cyber incident every year, they’ve never seen anything significant affecting the electoral process.
However, he said it could happen. If it did, he added, the first time would be enough as it “ could be very bad news”, and said the imperative was to guard against it occurring.
Garda HQ has been working with Coimisiún na Meán in developing an interim response mechanism until a proper Memorandum of Understanding was developed.
As the State security service, An Garda Síochána is “centrally involved” where those behind the disinformation are “potentially hostile State actors”.
The Department of Communications said the websites targeted were subject to distributed denial of service (DDoS) attacks, where they are bombarded by online requests affecting their ability to operate.
A spokesman for the department said: “This activity is part of a pattern of events across the EU, and is in line with the experiences of other EU member states.”
In the Netherlands, Politico.eu reported several websites belonging to Dutch political parties experienced similar attacks on Thursday.
Those cyberattacks were claimed by a pro-Russian hacker group called HackNeT, via their Telegam account, Politico.eu reported.
A Telegram account indicates Bus Éireann’s website was among those targeted, as was that of the Royal College of Surgeons Ireland and voter.ie.
It has also been reported that the European Court of Auditors' website was targeted. This site was down on Thursday afternoon, but now appears to be functioning normally.
A spokeswoman for the Royal College of Surgeons Ireland confirmed an attack was made on their website on Friday.
"The attempted attack was identified by our web security and monitoring system," she said.
"As a proactive measure, the Royal College of Surgeons Ireland website was taken down for a short time to allow for the site attempting to carry out the attack to be blocked and checks to be carried out."
A spokeswoman for Bus Éireann confirmed on Saturday that their website was one of those affected in the attempted attacks.
"Through working with the National Cyber Security Centre, we were able to manage the attack and take the necessary measures to ensure our site was accessible to the public," she said.
A spokeswoman for Dublin Bus confirmed a cyberattack was made on their website also.
"I can confirm that Dublin Bus was targeted as part of a series of failed cyberattacks on Irish websites.
"Dublin Bus worked with the National Cyber Security Centre and ensured that the necessary measures were taken to mitigate the attack," she said on Saturday evening.