The Government Communications Security Bureau (GCSB) has established a global campaign against cyber-enabled commercial intellectual property theft as well as links with the Chinese Ministry of State Security (MSS).
According to a recent report, this long-running campaign targeted the intellectual property and commercial data of a number of global managed service providers, some operating in New Zealand.
This activity is counter to the commitment of all APEC economies, including China, which was made in November 2016.
In the aforementioned commitment, APEC economies agreed they should not conduct or support ICT-enabled theft of intellectual property or other confidential business information, for commercial advantage.
New Zealand is committed to upholding the rules-based international order, and presently joins likeminded partners in expressing that such cyber campaigns are unacceptable.
The organisation became aware of this campaign in early 2017.
The National Cyber Security Centre (NCSC) issued advice on its website that enables New Zealand organisations to take steps in protecting their networks.
The organisation also engaged with New Zealand subsidiaries of the targeted managed service providers to assist in their response.
A robust attribution process has been done by the Bureau in relation to this campaign. The country attributes cyber incidents where it is in the national interest to do so.
The approach being done is consistent with the Bureau’s previous attributions of cyber activity.
Data shows that of the serious incidents recorded by the NCSC, around a third of which can be linked to state-sponsored actors.
This ongoing activity reinforces the importance of organisations having strong cyber security measures across their supply chain.
Cyber-security is a team effort and the NCSC encourages organisations to take the time to ensure they have their security settings right.
Incidentally, the NCSC has released its Cyber Threat Report for the 2017/2018 reporting year.
As reported, the Centre has recorded 347 cyber security incidents in the reporting year from 01 July 2017 to 30 June 2018.
134 incidents, which are 39% of the total, contained indicators that had been linked to known state-sponsored cyber actors.
This shows an increase of nearly 10% from the 122 state-sponsored linked incidents recorded last year.
The report shows that there has been a shift in the cyber threat landscape, with increasing avenues for cyber threats and changes in actor behaviour.
This has been offset by the Centre’s increased ability to detect and disrupt threats at an early stage, and increased engagement with New Zealand’s organisations of national significance.
The vast majority of recorded incidents were detected at, or prior to, an actor’s first attempt to compromise an organisation.
This minimised the harm experienced by New Zealand organisations.
The Centre conservatively estimates “gross reduced harm benefit” to New Zealand of NZ$ 27 million through the operation of its CORTEX capabilities for the 2017/2018 period.
In the two years since July 2016, Project CORTEX has reduced an approximate total of NZ$ 67 million in harm to New Zealand organisations.
CORTEX is a suite of capabilities that counters cyber threats to organisations of national significance like operators of critical national infrastructure.