NZ Cyber Threat
The National Cyber Security Centre (NCSC) has been publishing reports of cyber security incidents since 2011.
Since that time the number of serious cyber incidents recorded by the Centre has increased steadily.
The increase is likely to be a combination of increased awareness of the importance of reporting cyber incidents and the role and functions of the NCSC. Incidents meet criteria, which we regularly review, to differentiate them from other common on-line events before they are recorded in our statistics.
Recorded incidents range in seriousness from the targeting of small businesses with “ransom ware” and attempts to obtain credit card information through to serious and persistent attempts to compromise the information systems of significant New Zealand organisations. This can include identification and exfiltration of valuable intellectual property.
Some of these threats come from well-resourced foreign sources. Sometimes they are targeting significant New Zealand organisations, others use New Zealand systems to target overseas networks.
Examples of the threats identified through GCSB’s cyber security capabilities include;
■ The targeting of several officials from a key government agency through email and web site exploits in an effort to get personal information and potentially compromise the agency’s network. This attack was detected and mitigated before important information could be lost/compromised
■ The use of a malware package, to target six significant New Zealand organisations. The threat was detected and mitigated through systems and support provided via our CORTEX capabilities.
■ Identifying and tracing the source of a new cyber-attack method. The attack targeting several CORTEX customers. The “fingerprints” of this new threat were able to be passed on to our international partners, helping to reduce global vulnerability to this particular attack.
■ Detecting large-scale targeting of a nationally significant organisation as part of a global campaign. The NCSC was able to work closely with the New Zealand organisation to contain the threat.
Part of our response to the more sophisticated and advanced types of these threats is the CORTEX initiative.