Cyber Threat Report for 2019/20 released
The National Cyber Security Centre (NCSC) has released its Cyber Threat Report for the 2019/20 reporting year.
New Zealand’s nationally significant organisations continue to be the target of frequent cyber-attacks from a range of malicious actors, according to the National Cyber Security Centre (NCSC), a part of the Government Communications Security Bureau.
Releasing NCSC’s Cyber Threat Report for 2019/2020, the Centre’s director, Hamish Beaton, says that throughout 2019/20, state-sponsored and non-state actors have shown their willingness to target New Zealand organisations in all sectors using a range of increasingly advanced tools and techniques.
“A common theme this year, which emerged prior to the COVID-19 pandemic, was the exploitation of known vulnerabilities in internet-facing applications, remote desktop services and virtual private network applications.
“This means organisations with poor security posture are more likely to become a victim of malicious cyber activity, and are much less likely to detect such activity before harm is caused,” Mr Beaton says.
352 incidents recorded
From 1 July 2019 to 30 June 2020, the NCSC recorded 352 cyber security incidents compared with 339 incidents in the previous 12 months. Of those incidents recorded, 30 percent were able to be linked to state-sponsored actors.
Mr Beaton says the number of incidents recorded by the NCSC represents just a small proportion of the total incidents affecting New Zealand and New Zealanders.
“This is because of our focus on providing support for nationally significant organisations and response to potentially high impact cyber security events.
“By contrast CERT NZ, who we work closely with, released its quarterly report earlier today, recording 2610 reports from organisations and individuals for the three months to 30 September, 2020. This difference in recorded events reflects the different perspectives our organisations have on the New Zealand cyber threat landscape.
Mr Beaton says organisations self-reporting cyber incidents to the NCSC continue to increase, reflecting the growing cyber awareness and willingness to report incidents among New Zealand organisations.
“The NCSC’s international partners are also increasingly notifying us of cyber threats affecting New Zealand organisations. Our own cyber defence capabilities, developed as part of the CORTEX initiative, also continue to provide significant value,” Mr Beaton says.
$70 million harm prevented
“Our analysis (based on a model which we had independently revalidated in 2019/20) indicates the detection and disruption of malicious cyber activity through the NCSC’s capabilities prevented $70 million in harm to New Zealand’s nationally significant organisations.
“This means that since June 2016, the NCSC has prevented harm from hostile cyber activity by approximately $165 million,” Mr Beaton says.
DDoS attacks on the NZX and other New Zealand organisations have been an important focus for the NCSC recently, but occurred outside this reporting period. What these attacks highlighted is that attackers who are intent on disrupting the availability of systems can be just as damaging as those who seek to steal sensitive information.
Malware Free Networks
The NCSC continues to build and grow New Zealand’s cyber defence capabilities, most recently through the successful pilot and initial delivery of Malware Free Networks (MFN). MFN is a scalable malware detection and disruption service which involves the NCSC generating and sharing cyber threat intelligence with consenting organisations.
“The delivery of MFN demonstrates the successful cooperation between public and private sector organisations and is an important part of the national strategy for increasing New Zealand’s cyber resilience.
Mr Beaton says that in response to the COVID-19 pandemic, the NCSC rapidly changed the way it worked to focus on new areas of risk.
“The increased uptake and reliance on digital platforms by the private and public sectors expands the potential attack surface for malicious cyber actors. This led to a significant increase in demand for our cyber security advice and guidance.
“We responded to this through greater direct engagement with customers and by publishing more guidance on our website, particularly around adopting cloud services and remote working solutions.
“Post COVID-19 lockdown we have followed up with further guidance advising organisations to review their security settings and the changes they made in response to COVID-19, to ensure any risks associated with the rapid changes required pre lockdown are effectively mitigated,” Mr Beaton says.
About the NCSC
The National Cyber Security Centre (NCSC) is a part of the Government communications Security Bureau (GCSB). The NCSC operates GCSB’s cyber defence capabilities and leads cyber security engagement with New Zealand’s organisations of national significance to protect their information systems from high impact and advanced cyber-borne threats. The NCSC provides incident response services to help New Zealand organisations address potentially high impact cyber security events. The NCSC also provides cyber security resilience assessment and advice, and advice on addressing new cyber security vulnerabilities when they are identified.
About CERT NZ
CERT NZ is New Zealand’s Computer Emergency Response Team, and works to support businesses, organisations and individuals who are affected (or may be affected) by cyber security incidents. CERT NZ provides trusted and authoritative information and advice, while also collating a profile of the threat landscape in New Zealand.