Today, the National Cyber Security Centre (NCSC) has joined international partners in drawing global attention to a campaign of malicious cyber activity being undertaken by PRC-based companies affiliated with the People’s Republic of China (PRC) Government.
This activity, commonly referred to as Salt Typhoon, has been observed in several countries, including New Zealand.
The NCSC has worked with New Zealand telecommunications and critical infrastructure organisations to warn about this activity and to support efforts to identify the extent of it in New Zealand.
We support our international cyber security partners in calling out this significant and widespread malicious cyber activity and we are highlighting to New Zealand organisations the need for effective cyber resilience
The information we’ve collectively released today explains that these actors are using known common vulnerabilities and exposures (CVEs) and other avoidable weaknesses to gain access to networks.
It details the specific CVEs exploited, the tactics, techniques, and procedures (TTPs) these actors have been found using, and indicators of compromise (IOCs).
New Zealand organisations are working hard to keep New Zealanders’ data secure and to ensure they are implementing effective cyber security practices.
The NCSC is coordinating a series of engagements with the leadership of key critical infrastructure organisations to ensure they are aware of these types of risks and to provide advice on how they can work with security teams to effectively govern that risk.
The NCSC encourages network defenders to become familiar with this information and apply the mitigations listed.
If activity is detected, we encourage organisations to report it on the NCSC website.
Collectively, we need to raise the cyber resilience of New Zealand. This requires the commitment and prioritisation of effective cyber security practices from across government, organisations, and individuals.