Current Activity


NCSC Cyber Threat Report 2015/16

9 March, 2017

National Cyber Security Center (NCSC) recorded 338 cyber security incidents in the 12 months 30 June 2016.

Information about these incidents is contained in a cyber threat report prepared by the NCSC to help increase understanding about the nature and extent of the cyber threats facing New Zealand's siginificant organisations.

NCSC Director Lisa Fong says the report highlights the range of threats the NCSC has identified and responded to.

She says while the report highlights that cyber threats facing New Zealand are continuing to increase it is likely that the threats recorded represent only a small proportion of the total incidents impacting on New Zealand and New Zealanders.

She says the threats the NCSC has identified targeting New Zealand organisations are consistent with those identified by cyber security providers domestically and internationally.

The report provides an overview of the work of the NCSC and an outline of some of the common types of threats impacting on New Zealand organisations.

The Cyber Threat Report is available here

NCSC Cyber Security Advisory CSA-002-17

Date 30 January 2017

DNS server configuration may result in excessive resource use and potential malicious application

Summary

  • The NCSC notes that there are DNS servers currently configured to resolve arbitrary internet domains requested from external hosts. 
  • A DNS server configured in this manner may result in excessive resource use and may have potential malicious application.

Details

1. The NCSC has become aware of DNS servers currently configured to resolve internet domains when requested by external hosts. This appears to occur when a DNS server is configured to search for answers in attempt to resolve the requests.

2. The observed DNS servers either resolve these requests, or request upstream (e.g. Google DNS servers), and finally send the response back to the requester. A DNS server configured in this manner will likely result in excessive resource use, as well as have the potential for malicious application.

Recommendations

3. The NCSC recommends DNS servers are configured to allow recursive lookup from internal hosts and remote offices only.

4. The NCSC further recommends DNS servers are configured to only supply public domains hosted within their network to external hosts.

5. Further open source information can be found by searching for ‘open resolver’.

NCSC Cyber Security Advisory NCSC-C-2016-620

On 2 November 2016, the NCSC was made aware that a targeted spearphishing campaign against a New Zealand Health Sector organisation had been successful.

Cyber Security Advisory CSA-007-16

Several organisations have received extortion emails threatening a Distributed Denial of Service attack (DDoS) unless a payment in Bitcoins is made.

NCSC Security Advisory - NCSC-EV-2015-126

NCSC is aware of a recent campaign involving credential harvesting attacks in the form of spear phishing emails targeting different government agencies.

Windows 10 upgrade scam

A new scam in relation to downloading Microsoft windows 10 operating system has been identified.

Notification of Bash Bug Advisory

A new vulnerability (CVE-2014-6271) in the Bash command-line interpreter poses a critical security risk to Unix and Linux systems including Apple OSX.

Connect Smart

Connect Smart week runs from Monday 16 June to Friday20 June, and has been organised by the National Cyber Policy Office.

Cyber threats continue to rise

The number of cyber incidents recorded by the National Cyber Security Centre (NCSC) increased by more than 60% in 2013.

NCSC advisory - OpenSSL Vulnerability

OpenSSL versions 1.0.1 through 1.0.1f contain a flaw allowing an attacker to retrieve private memory of an application that uses the vulnerable OpenSSL library.

Mobile Electronic Device

The NCSC has released an advisory for mitigating the risks associated with mobile electronic devices.

NCSC Plesk Advisory

A security researcher has released details of a significant zero day vulnerability in some versions of the Plesk server management software.

Cyber Security Awareness Week

Cyber Security Awareness Week (CSAW) begins on Monday, 27 May. CSAW is being run by NetSafe and a number of events are planned.

New Training to Address Cyber Security Risk

A new cyber security and information assurance course has been launched by the Wellington Institute of Technology (WelTec) in collaboration with the GCSB.

NCSC – 2012 Incident Report Summary

NCSC has reported a significant increase in reported attacks against NZ government agencies, critical national infrastructure, and private sector orgs in 2012.

NZ-UK joint statement on cyber security

NZ Foreign Minister and the visiting Foreign Secretary of the UK have committed the two countries to working more closely together to address cyber security.

Apple QuickTime 7.7.3 Released

Apple have released QuickTime 7.7.3 for Windows 7, Vista, XP SP2 or later, in order to address several critical security vulnerabilities.


Back to Top

Sophos Anti-Virus Vulnerabilities

A recent report has described multiple vulnerabilities that have been identified in Sophos Anti-Virus products, prompting Sophos to issue a security advisory.

Top 35 Mitigation Strategies Updated

The Defence Signals Directorate (DSD) have released an October 2012 update to their Top 35 Strategies to Mitigate Targeted Cyber Intrusions.

Revocation of Adobe Code Signing Certificate

Adobe has announced plans to revoke a code signing certificate that appears to have been misused. The attached advisory contains further information.

Java Vulnerability Patch Released

This advisory is to report that Oracle has now released a patch to address the recently reported Java vulnerability (CVE-2012-4681).

iOS Hardening Configuration Guide

The iOS Hardening Configuration Guide issued in March 2012 by DSD, for iPod Touch, iPhone and iPad devices running iOS 5.1, is available from the DSD website.

Product Support Advisory

The NCSC has released an advisory recommending the best practises for all New Zealand Government ICT systems in relation to product support.


Back to Top

ICO’s Practical IT Security Guidance

Adopting good security practises and securing information is as crucial for small to medium enterprises as it is the larger private and public sector agencies.