Cyber Threat Report for 2018/19 released

The National Cyber Security Centre (NCSC) has released its Cyber Threat Report for the 2018/19 reporting year.

Cyber threats serious impact on NZ

Cyber security incidents are continuing to have a serious impact on New Zealand organisations.

The NCSC recorded 339 incidents in the 12 months to 30 June 2019, compared with 347 incidents in the previous year.

Director of the NCSC, Lisa Fong, says while the number of incidents recorded by the Government Communications Security Bureau’s (GCSB) National Cyber Security Centre (NCSC) in 2018-19 is similar to the previous year the impact of those incidents has been greater.

“The NCSC was able to identify indicators linking state-sponsored cyber actors to 38 percent of total incidents recorded in 2018-19.  While this is similar to the previous year (39%) NCSC analysis of these incidents shows they had a greater impact. In previous years more state-sponsored incidents were detected at an early phase before the actors were able to cause harm. 

“In 2018-19 more incidents were detected at a later (post compromise) stage in the threat cycle, when actors have been able to establish their presence on a network and potentially have an effect on it.

State-sponsored cyber activity is generally more sophisticated than criminal or non-state activity, a reflection of the greater resources state-based actors usually have,” Ms Fong says.

“The incidents recorded by the NCSC represent a small proportion of the total cyber security incidents impacting New Zealand, as the NCSC’s focus is on potentially high impact events and nationally significant organisations”, Ms Fong says.

Attribution

In 2018-19, NCSC analysis informed the New Zealand Government’s public attribution of two international campaigns of malicious cyber activity to nation states. 

Ms Fong says these cyber security incidents were designed to generate revenue, disrupt businesses, undermine democracy, or involved the theft of intellectual property.

“In October 2018 the Director General of the GCSB, on behalf of the New Zealand Government, publically attributed a number of international malicious cyber campaigns targeting political institutions, business, media and sporting organisations to the Russian Government.

“In December 2018, the GCSB made a public statement on behalf of the New Zealand Government attributing a global campaign of cyber-enabled commercial intellectual property theft to a group affiliated to the Chinese Government.  This long running campaign targeted intellectual property and commercial data of a number of global managed service providers, including some operating in New Zealand.

“The NCSC continues to work closely with partner agencies across Government and internationally to call out malicious cyber activity that is counter to internationally accepted norms of behaviour in cyberspace,” she says.

Cyber Defence

The operation of the NCSC’s CORTEX cyber defence capabilities directly contributed to reducing harm to New Zealand’s significant organisations. 

Ms Fong says the NCSC calculates the value of harm directly prevented through the operation of CORTEX capabilities in the 2018-19 year was in excess of $NZ 27.7 million.  This means the operation of those advanced cyber defence capabilities have contributed to reducing cyber harm to New Zealand’s nationally significant organisations by almost $NZ 100 million since June 2016,” she says.

CORTEX’s contribution to New Zealand’s cyber defence and to building trust and confidence in government, was recognised with two significant industry and sector awards in 2018-19.

In July 2018 the GCSB was awarded the Institute of Public Administration (IPANZ) award for Building Trust and Confidence in Government, for its delivery of the CORTEX Project and in November CORTEX was named Best Cyber Security Initiative at the 2018 iSANZ New Zealand information security awards.

Malware Free Networks

Ms Fong says the NCSC has continued to pilot its Malware Free Networks (MFN) malware detection and disruption capability and is working with a range of service providers to scale its delivery to a much wider set of organisations. 

“In 2020 the NCSC will be offering this cyber threat intelligence to a broad range of customers, either directly or via their ISP,” she says.

“While this will enable more of New Zealand’s significant organisations to benefit from our specialist cyber defence capabilities, it is important to emphasise these capabilities are no substitute for good cyber security practice and governance.

“Many of the incidents we have seen in the past year could have been prevented through application of basic cyber security practice around applying security updates,” Ms Fong said.