• Our Vision

    To be the trusted guardian of
    New Zealand's
    Information Assets

US CERT advice on response to Meltdown and Spectre

The National Cyber Security Centre is aware of a set of security vulnerabilities known as Meltdown and Spectre that affect modern computer and mobile device processors.   Applying the latest security updates from vendors should reduce vulnerability to these issues.

More information on response to Meltdown and Spectre is available from the United States National Cybersecurity & Communications Integration Centre – part of the US Department of Homeland Security.

See https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities

and https://www.us-cert.gov/ncas/alerts/TA18-004A

read more

New Zealand concerned at North Korean cyber activity

The Director-General of the Government Communications Security Bureau (GCSB), Andrew Hampton says he is concerned at international reports which link North Korea to WannaCry. 

WannaCry was a significant global ransomware campaign, launched in May 2017, which encrypted data and demanded a ransom payment to unlock computers in over 150 countries, and significantly affected the UK’s National Health Service.

“Cyber threat analysis from a range of sources, including the United States and the United Kingdom, attributes WannaCry to North Korean cyber threat actors,” Mr Hampton said.

“While New Zealand was not significantly impacted by WannaCry, we are not immune from this type of threat. In a globally connected world our relative geographic isolation offers no protection from cyber threats.

“We support the actions of our cyber security partners in calling out this sort of reckless and malicious cyber activity.

“In the 12 months from June 2016 to June 2017 nearly one third (122) of the 396 serious incidents recorded by the GCSB’s National Cyber Security Centre involved indicators that have previously been linked to state-sponsored actors.

“Cyber threats continue to increase, in part because of New Zealand’s global connectivity but also because the cost barriers are low, and getting lower, while the potential for harm is vast.

“The GCSB has two main functions, collecting intelligence in accordance with the Government’s priorities and providing cyber security and information assurance services to organisations of national significance, from both the public and private sector.

“As part of this work, the Cortex cyber security programme has been rolled out to a group of nationally significant organisations in the public and private sectors.

 “An independent assessment of the Cortex programme showed that over a 12 month period it has saved New Zealand’s most important organisations around $40 million in harm.” 

A copy of the 2016-17 Unclassified Cyber Threat Report can be accessed here 

Media contact: media@nzic.govt.nz  (04) 462-9811


read more

December 2017 New Zealand Information Security Manual

The New Zealand Information Security Manual (NZISM) has been updated to include new guidance on audit evidence, cable trays and clarification on emergency procedures.

The December 2017 NZISM v2.7 updates the previous edition NZISM v2.6 which was published in July 2017.

Changes include new paragraphs on Audit Evidence (Section 4.3); Cable Trays (Section 10.1); and updates to Emergency procedures (Section 5.7).  Extensive work has also been done in updating Section 23.2 Glossary of Terms, including new terms such as Accountable material and Codewords.  

A large number of supporting amendments and other minor and editorial updates have also been completed as points of clarification and to aid policy interpretation, as well as minor wording changes for the purposes of clarification.

All new materials and amendments are designed to simplify approaches while maintaining existing levels of governance and assurance. 

read more

2016-17 Unclassified Cyber Threat Report

NCSC 2016-17 Unclassified Cyber Threat Report

The National Cyber Security Centre has produced an unclassified cyber threat report for the 2016-17 reporting year. 

The report highlights achievements, including completing the roll out of our CORTEX cyber defensive capabilities, and identifies some of the key cyber threats impacting on New Zealand’s important systems and networks. 

It notes that advanced cyber threats have the potential to cause $640m harm annually to New Zealand’s organisations of national significance and that the operation of the NCSC’s cyber defence capabilities reduced harm by $39.47m in the 2016–17 year. 

The report also notes that the NCSC recorded 396 incidents for the 2016-17 year, an increase of 58 over the previous year. The increase reflects the evolving threat landscape and the NCSC’s increased capacity to detect and respond to threats. 

Given the NCSC’s primary focus on nationally significant organisations and cyber threats with the potential to have a high impact, these numbers reflect only a small proportion of the total cyber harm occurring in New Zealand.

read more

Reporting an Incident

If your organisation has encountered or suspects a cyber-security incident, please complete and return the Cyber Security Incident - Report Form. If you require assistance in dealing with the incident, please complete the Cyber Security Incident – Request for Assistance Form. If required, you can speak with us directly on (04) 498-7654.

Some Interesting Stats

338 cyber security incidents were recorded by the National Cyber Security Centre in the 12 months to 30 June 2016. This is an average of 28 incidents per month and represents a significant increase on the previous 12 months when there were 190 cyber security incidents. GCSB Director Andrew Hampton reviews the nature of the cyber threats to New Zealand in his address to the New Zealand Institute of International Affairs.

The Australian Signals Directorate (ASD) has updated its ‘Strategies to Mitigate Cyber Security Incidents’ guidance on prioritised security controls, expanding the ‘top four’ strategies to produce a new ‘essential eight’. The strategies are a list of practical actions that organisations can take to make their systems more secure. The eight essential strategies can be implemented as a baseline and the guidance can be tailored based on an organisation’s risk profile and the threats they face.

Security researchers believe the number of companies around the world experiencing ransomware events tripled between the first and third quarters of 2016. The American National Institute of Standards and Technology (NIST) has now published a “Guide for Cybersecurity Event Recovery” (NIST Special Publication 800-184) which offers guidance for developing, testing and improving recovery plans so organisations are ready when a cyber security event occurs.