Technological Universities

On April 1st, 2021, TU Dublin were targeted by a ransomware attack that specifically impacted the IT infrastructure of its Tallaght Campus. During the initial assessment phase, I am informed, it became evident that the ransomware had successfully infected multiple devices. It is my understanding that TU Dublin responded immediately and isolated the Tallaght campus from the broader TU Dublin network, a proactive measure taken to contain the attack and prevent the ransomware from spreading to other locations.

TU Dublin promptly notified relevant authorities, including law enforcement, the data protection commissioner, and their Cyber Insurance provider. The latter, in turn, deployed an external Cyber Incident Response team to assist in investigating the identified cyber incident within the university's IT environment. This external team collaborated closely with TU Dublin to formulate an incident response plan and subsequently initiated cyber incident response support services and forensic investigations. I am informed that TU Dublin successfully restored access to essential systems and data before the commencement of the academic year in September 2021.

TU Dublin have informed my Department that, in response to the incident, the university implemented several enhancements and improvements to further bolster the security and accessibility of its systems. This includes the implementation of enhanced security toolsets and capabilities, along with the integration of guidance and recommendations provided by external consultants.

TU Dublin have further informed my Department that their cybersecurity processes align closely with the NIST framework and the National Cyber Security Centre (NCSC) baseline standards, encompassing the five key areas: Identify, Protect, Detect, Respond, and Recover. These frameworks, known for structured, risk-centric, and adaptable approach to cybersecurity, enabled TU Dublin to enhance its security posture, adhere to regulatory requirements, and effectively manage cyber risks. As a result of these enhanced cybersecurity measures, TU Dublin will continue to benefit from this more advanced and robust cyber insurance coverage.

TU Dublin have assured my Department that they continue to maintain close collaboration with the NCSC, security partners, and colleagues from other universities to ensure the adoption of best practices across all facets of cybersecurity.

It is important to emphasise that, as autonomous bodies, higher education institutions have governance and legal responsibility for their administrative and corporate affairs, including in their management of ICT infrastructures, risk management, including cyber risk, business resilience and contingency planning.

At Government level, NCSC, which is part of the Department of Environment, Climate and Communications, has lead responsibility for cyber security in the State, with inputs from An Garda Síochána and the Defence Forces. Their role covers incident response, cyber resilience and information provision, including to the tertiary education sector.

My Department, in close collaboration with the Department of Education, has an important role in resourcing and supporting the work of HEAnet, the education sector’s ICT shared services provider. My Department has provided additional resources to HEAnet, to strengthen their capabilities to support institutions in addressing cyber security risks.

Last year, my Department confirmed significant multi-annual funding for cyber-security resources to HEAnet. These resources will equip HEAnet to enhance its support to clients, including institutions across the tertiary education sector, in mitigating their cyber security risks. In particular, these new resources will allow HEAnet to provide advice and training and enhance support to institutions in preventing incidents and alerting them to potential cyber events.