The world might be becoming a more chaotic place, with increasing threat potential from state-sponsored hackers.
But the number of cyber incidents involving our “nationally significant organisations” actually fell to 316 in the year to June, from 350 the year before, according to the latest annual report from the National Cyber Security Centre, a unit of the GCSB.
Regardless, the report reiterates that earlier this year, the NCSC named Russia and China as sources of state-sponsored cyber-attacks.
“In May 2023, we joined international cyber security partners in disclosing technical information about malicious software associated with Russia’s Federal Security Service (FSB). In the same month, the NCSC joined its like-minded partners to identify techniques associated with the stealthy compromise of critical infrastructure. By ‘living off the land’, sophisticated cyber actors from the People’s Republic of China were able to use legitimate tools existing on victim networks to maintain access to significant targets overseas, without detection,” it says.
In May last year, shortly after Russia launched its first offensive against Ukraine, GCSB director-general Andrew Hampton warned that pro-Putin hacker gangs could target New Zealand and other countries’ critical infrastructure.
But in the 12 months to June 30, only 23 per cent (or 73) of those 316 cyber incidents “indicated links to suspected state-sponsored actors”, the report says, compared to 34 per cent the year before.
The rise was in cyber attacks motivated by plain old greed. Some 28 per cent (or 90) of the 316 attacks were “likely criminal or financially motivated”, compared to 23 per cent in the prior year.
The NCSC said it prevented $65.4 million worth of harm by thwarting various cyber attacks in the year to June, up from $33.0m worth of harm prevented the year before. All up, the agency says it has prevented $382m in harm since 2016. The agency says the figures are based on a model created by independently commissioned research in 2016, which was updated in 2020. It includes estimates of financial harm that could have been caused if the likes of patent theft and copyright infringement had not been blocked.
Geopolitical instability could potentially lead to more cyber attacks on NZ targets in the current year. Security firm CyberCX recently warned that the Israel-Hamas conflict had mobilised significant “hacktivist” activity, with a “real chance” that New Zealand could be targeted because of its condemnation of Hamas.
With Budget 2023, New Zealand did not match the escalation of spending on cyber-security that occurred across the Tasman.
But the NCSC says it did expand its “threat disruption technology” programme called Malware Free Networks to defend the customers of “a major telecommunications provider”. (The telco is not named, but in August One NZ said it had joined Malware Free Networks, and blocked 300,000 scam threat attempts in the first six weeks.) The NCSC’s broad thrust is to co-operate with as many public and private organisations of national significance as possible, giving them a heads-up about new threats and access to tools and advice to help repel them.
And in July, then GCSB Minister Andrew Little announced a restructure that would see the Government’s Computer Emergency Response Team (Cert NZ, focused on cyber attacks on individuals or small businesses) move under the NCSC. Little said the change would give Cert NZ more oomph, and help solve what he called a “fragmented, merry-go-round experience for business victims of cybercrime.” Opponents said the mum-and-dad-focused Cert NZ would get lost in the China- and Russia-focused GCSB.
Cert NZ officially moved under the NCSC’s wing on August 31, but last week an insider told the Herald there had been no operational change so far, with the two agencies still working out of different buildings.
The GCSB said its deputy director-general Lisa Fong, who heads the NCSC, was not available for interview.
In response to a written question on Cert NZ-NCSC integration progress, a spokesman said:
“While administrative transfer of Cert NZ staff and functions to GCSB occurred in August, we now have work to do to bring together the functions of the NCSC and Cert NZ. We intend to share our approach and early work on our new strategy with the new government once it is formed.”
Neither of the major parties included cyber-security in their tech policies.
Chris Keall is an Auckland-based member of the Herald’s business team. He joined the Herald in 2018 and is the technology editor and a senior business writer.