Organizations in New Zealand faced 339 cybersecurity incidents in just 12 months, while according to The National Cyber Security Centre’s (NCSC) Cyber Threat Report, there were 347 incidents in the previous year.
In an official release, Director of the NCSC, Lisa Fong, says while the number of incidents recorded by the Government Communications Security Bureau’s (GCSB) NCSC in 2018-19 is similar to the previous year the impact of those incidents has been greater.
In 2018-19, NCSC analysis informed the New Zealand Government’s public attribution of two international campaigns of malicious cyber activity to nation states.
Ms Fong says these cyber security incidents were designed to generate revenue, disrupt businesses, undermine democracy, or involved the theft of intellectual property.
“In October 2018 the Director General of the GCSB, on behalf of the New Zealand Government, publically attributed a number of international malicious cyber campaigns targeting political institutions, business, media and sporting organisations to the Russian Government.
“In December 2018, the GCSB made a public statement on behalf of the New Zealand Government attributing a global campaign of cyber-enabled commercial intellectual property theft to a group affiliated to the Chinese Government. This long running campaign targeted intellectual property and commercial data of a number of global managed service providers, including some operating in New Zealand.
“The NCSC was able to identify indicators linking state-sponsored cyber actors to 38 percent of total incidents recorded in 2018-19. While this is similar to the previous year (39 percent) NCSC analysis of these incidents shows they had a greater impact.
“In previous years more state-sponsored incidents were detected at an early phase before the actors were able to cause harm. In 2018-19 more incidents were detected at a later (post compromise) stage in the threat cycle, when actors have been able to establish their presence on a network and potentially have an effect on it,” Fong said.
“State-sponsored cyber activity is generally more sophisticated than criminal or non-state activity, a reflection of the greater resources state-based actors usually have,” Ms Fong says. “The incidents recorded by the NCSC represent a small proportion of the total cybersecurity incidents impacting New Zealand, as the NCSC’s focus is on potentially high impact events and nationally significant organizations.”
“The NCSC continues to work closely with partner agencies across Government and internationally to call out malicious cyber activity that is counter to internationally accepted norms of behaviour in cyberspace,” she says.
A number of the attacks, says NCSC and Fong, targeted political institutions, business, media and sporting organizations and can be attributed to the Russian government and to the Chinese Government.
The post #Privacy: Are overseas cyberattacks to blame for New Zealand’s escalating cyber risk? appeared first on PrivSec Report.