peterzayda - stock.adobe.com

New Zealand faces more state-sponsored attacks

Nearly four in 10 cyber security incidents recorded by the National Cyber Security Centre were the work of state-sponsored threat actors

New Zealand’s geographical remoteness has traditionally kept hackers at bay, but the country’s growing digital economy is opening it up to more cyber attacks.

According to the country’s National Cyber Security Centre (NCSC), 347 cyber security incidents were reported between 1 July 2017 and 30 June 2018.

Out of those, 134 incidents – or 39% of the total – contained indicators that had been linked to known state-sponsored threat actors. This was up nearly 10% from the 122 state-sponsored-linked incidents recorded in the previous year.

In its annual cyber security report, the NCSC, part of the Government Communications Security Bureau (GCSB), said there had been a shift in New Zealand’s cyber threat landscape, with growing avenues for cyber threats and changes in actor behaviour.

However, this was offset by the NCSC’s increased ability to disrupt threats at an early stage. The vast majority of recorded incidents were detected at, or before, an actor’s first attempt to compromise an organisation, minimising the harm to New Zealand organisations.

The NCSC said it had reduced potential losses of about NZ$27m through its so-called Cortex capabilities, which were developed to counter threats to critical infrastructure. It claimed that since 2016, it had reduced an estimated total of NZ$67m in harm to New Zealand organisations.

Separately, the NCSC linked a long-running cyber threat campaign aimed at stealing the intellectual property and commercial data of a number of global managed service providers – including some that operate in New Zealand – to China’s ministry of state security.

“This activity is counter to the commitment that all APEC [Asia-Pacific Economic Cooperation] economies, including China, made in November 2016,” said Andrew Hampton, director-general of the GCSB.

Read more about cyber security in ANZ

“APEC economies agreed that they should not conduct or support ICT-enabled theft of intellectual property or other confidential business information for commercial advantage. New Zealand is committed to upholding the rules-based international order, and today joins like-minded partners in expressing that such cyber campaigns are unacceptable.”

Hampton said the GCSB had been aware of this campaign in early 2017 and had advised New Zealand organisations to take steps to protect their networks. It had also engaged with New Zealand subsidiaries of the targeted managed service providers to assist in their response.

“The GCSB has worked through a robust attribution process in relation to this campaign,” he said. “New Zealand attributes cyber incidents where it is in the national interest to do so. Our approach today is consistent with GCSB’s previous attributions of cyber activity.”

Read more on Hackers and cybercrime prevention