The Government Communications Security Bureau (GCSB) is partnering with private-sector cybersecurity providers in an initiative that has the potential to prevent millions of dollars of cyber harm. A new cyber defence capability recently launched by the GCSB’s National Cyber Security Centre (NCSC) will make the centre’s cyber threat intelligence available to commercial cybersecurity providers to help defend their customers’ networks.
GCSB Director-General, Andrew Hampton, explained that the key to scaling the benefits from NCSC cyber defence capabilities is to work in partnership with other cybersecurity providers. The Malware Free Networks (MFN) capability makes that possible, providing a platform to share indicators of malicious activity with security service providers so they can detect and disrupt that activity on their customers’ networks.
MFN is the NCSC’s threat detection and disruption service that provides near real-time threat intelligence reflecting current malicious activity targeting New Zealand organisations. The MFN threat intelligence service can be integrated with other systems and platforms to increase the range of malicious activity MFN customers are defended against. MFN complements commercial threat intelligence by detecting and disrupting against indicators identified through NCSC’s advanced cyber defence capabilities and sourced from the NCSC’s international cyber security partnerships.
There have been more than 40,000 indicators of compromise deployed to MFN since the new service was piloted and went live in September last year. Hampton stated that these indicators are derived from a range of sources, including the operation of the NCSC’s cyber defence capabilities, through incident response work, and from international partners. As of 30 November 2021, MFN has disrupted more than 10,000 threats. According to a news report, he claimed that MFN is preventing real harm. As the span of capability grows, and more partners include MFN in their services the benefit for New Zealand organisations both public and private will increase exponentially.
The NCSC reported earlier this month that the operation of its cyber defence capabilities helped reduce harm to New Zealand organisations by $119 million in the last financial year, and more than $284 million since these capabilities became operational in 2016. The MFN capability was first piloted as part of the rollout of those capabilities. While the pilot showed it has significant potential, it also highlighted a range of technical challenges. Since the pilot, the NCSC has worked extensively with a range of local partners to address technical challenges and deliver a technology platform that can take cyber threat information and promptly turn it into actionable threat intelligence which partners can deploy.
The NCSC currently has agreements with nine MFN partner organisations. These partners are progressively offering the MFN service as part of their managed security products. The achievement in developing those partnership relationships and delivering the MFN service platform reflects the commitment and considerable technical capability of the NCSC staff, Hampton informed. Responding to the ever-growing threats that New Zealand’s organisations face today, there needs to be increased partnership and collaboration across the public and private sectors. The delivery and scaling of MFN capability is an example of that, Hampton explained. However, no single cybersecurity capability is a silver bullet. He added, “We still need organisations to ensure they have effective cyber security governance, understand their critical systems and risks – particularly across their supply chain and to have a plan for how they would respond to a cybersecurity incident.”