Oireachtas Joint and Select Committees
Wednesday, 22 September 2021
Joint Oireachtas Committee on Transport, Tourism and Sport
National Cyber Security Centre Review: Discussion
We do want people to report what happens. We do not want them to pay ransoms because doing so only creates more attacks. That is the business model of the people conducting the attacks. I would ask anybody who is attacked to contact the NCSC for assistance. The staff at that centre have great experience dealing with people who have been attacked. The actions a company takes when it is attacked are critical to what happens later on and to that company's success in protecting itself from these people. Even if the ransom is paid, the data may be published and a key may never be forthcoming to unlock the data. In the case of the HSE attack, we did not pay a ransom, got the key back and no data were published. I would advise any organisation that is attacked to contact the NCSC.