Malware Free Networks

Malware Free Networks™

We have developed a service called Malware Free Networks (MFN), which is designed to strengthen New Zealand’s cyber defence capabilities. MFN is a threat detection and disruption service that provides near real-time threat intelligence reflecting current malicious activity targeting New Zealand organisations. MFN brings our cyber security capabilities to a large number of nationally significant New Zealand organisations.

The MFN threat intelligence service can be integrated with other systems and platforms to increase the range of malicious activity MFN customers are defended against. MFN complements commercial threat intelligence by detecting and disrupting against indicators identified through our advanced cyber defence capabilities and sourced from our international cyber security partnerships.

For most customers, the MFN service will be available through their network operator or primary cyber security service provider. MFN is additional to CORTEX, which is a cyber defence capability provided by the NCSC to New Zealand’s nationally significant organisations. MFN complements the existing threat detection and disruption service provided by the NCSC to consenting organisations.

MFN was the winner of the 2022 iSANZ Award for Best New Zealand Security Product or Service.

Learn more about CORTEX

MFN Partners

We have worked with a range of local partners to deliver a technology platform that can take our cyber threat information and very quickly turn it into actionable threat intelligence for partners to deploy.

These organisations include:

These partners are progressively offering the MFN service as part of their managed security products.

If you’d like to become an MFN partner yourself and offer the service to your customers, or if you’d like a referral to one of our MFN partners, please get in touch with us by email: services@ncsc.govt.nz

MFN in Action: Case Studies

A widely used technology service provided by a trusted international vendor was compromised globally. We were able to use our international relationships to quickly understand the nature of the compromise and obtain information that could be used to defend New Zealand users of the affected service. Within hours of becoming aware of the compromise we had deployed indicators to MFN, enabling customers of the service to be automatically defended.

We learned of payment information being sent to malicious foreign domains when some users made payments through a platform on a New Zealand organisation's website. While the cause of this activity was likely due to banking malware on the users' systems, rather than a compromise of the organisation, we added the details about malicious domains to the MFN threat intelligence service. Within days, MFN prevented over 250 connection attempts from a device in a New Zealand Government department to one of the malicious domains. The government organisation located and disabled the affected device, avoiding a potentially additional, larger compromise.

MFN Frequently Asked Questions

Malware Free Networks (MFN) is a threat detection and disruption service provided by the NCSC. The service is delivered through a curated threat intelligence feed from a range of sources, including our international cyber security partners and information drawn from our cyber defence capabilities. MFN provides near real-time threat intelligence reflecting current malicious activity targeting New Zealand organisations.

The types of cyber threat MFN protects against are those that are likely to impact nationally significant organisations, including small to medium enterprises, large corporates, and government organisations. When MFN is used in combination with other feeds, it can help to defend against the full spectrum of cyber threats impacting New Zealand.

MFN has been developed to help defend against malicious activity impacting small to medium enterprises, large corporates, and government organisations. MFN is not designed for residential customers. When MFN is used in combination with other feeds, it can help to defend against the full spectrum of cyber threats impacting New Zealand.

We are partnering with some internet service providers (ISPs) and cyber security service providers to enable them to make MFN available to their customers. Our partners are at various stages in their customer engagement and onboarding processes. We suggest that you ask your ISP or service provider about gaining access to our MFN threat intelligence service.

We do not charge for the supply of MFN to partners. The cost to the end user is dependent on the type of cyber security service offering provided by each MFN partner direct to the customer.

The MFN threat feed is available via commonly used industry standards for sharing threat information: STIX/TAXII 2.0 or MISP. Your current cyber security capabilities may support integration via these formats.

If you consume managed security services through an internet service provider (ISP) or managed service provider (MSP), they may offer services that utilise the MFN threat feed.

The MFN threat intelligence service can be integrated with cyber security capabilities to protect against threats that operate and propagate via the Domain Name System (DNS), internet IP addresses, and web URLs.

The telemetry we receive via MFN is stored securely on NCSC systems.

No. MFN is delivered purely as a threat feed via STIX/TAXII 2.0 or MISP. There is no NCSC-owned equipment required inside your network.