Rus­sian hack­ers be­hind NZ hits

The Dominion Post - - Front Page - TOM PULLAR-STRECKER

There are signs New Zealand or­gan­i­sa­tions have been di­rectly threat­ened by Rus­sian state-spon­sored hack­ing, GCSB direc­tor-gen­eral An­drew Hamp­ton says.

‘‘At­tribut­ing cy­ber in­ci­dents to par­tic­u­lar coun­tries is some­thing that is care­fully con­sid­ered and is a step not taken lightly,’’ he said.

The bomb­shell came in the wake of in­ter­na­tional con­cerns about Rus­sian-backed hacks on net­work­ing equip­ment.

New Zealand’s National Cy­ber Se­cu­rity Cen­tre (NCSC) was yes­ter­day point­ing peo­ple to a strong­worded warn­ing put out by the United States and Britain over ‘‘Rus­sian state-spon­sored’’ hack­ing.

In what ap­peared un­usu­ally firm lan­guage, the US Com­puter Emer­gency Re­sponse Team ac­cused ‘‘Rus­sian state-spon­sored cy­ber ac­tors’’ of us­ing com­pro­mised com­puter net­work equip­ment to con­duct a ‘‘world­wide’’ cam­paign of es­pi­onage.

It said signs of the Rus­sian Gov­ern­ment bid to ex­ploit weak­nesses in de­vices such as in­ter­net routers were first de­tected in 2015.

An NCSC spokesman was not able to com­ment on whether it had ev­i­dence New Zealand or­gan­i­sa­tions had been af­fected.

But Hamp­ton said, for the first time, that there were in­di­ca­tions ‘‘Rus­sian state and state-spon­sored ac­tors’’ were be­hind some of the 122 se­ri­ous in­ci­dents iden­ti­fied in a Gov­ern­ment Com­mu­ni­ca­tions Se­cu­rity Bu­reau (GCSB) an­nual re­port in Novem­ber that had ‘‘in­di­ca­tors of con­nec­tion to for­eign intelligence agen­cies’’.

‘‘New Zealand or­gan­i­sa­tions were sub­ject to both di­rect and in­di­rect threats. Mo­ti­va­tion for these in­ci­dents in­cludes es­pi­onage and rev­enue gen­er­a­tion.’’

The GCSB would not say whether any of the at­tacks had been suc­cess­ful.

Australia’s Min­is­ter for Law En­force­ment and Cy­ber Se­cu­rity, An­gus Tay­lor, said ‘‘a sig­nif­i­cant num­ber of Aus­tralian or­gan­i­sa­tions’’ had been tar­geted by the lat­est cam­paign iden­ti­fied by the US and Britain.

Tay­lor de­scribed the in­ci­dents as ‘‘un­ac­cept­able’’.

The NCSC has linked to the Amer­i­can warn­ing on its web­site and in­vited Kiwi or­gan­i­sa­tions that want fur­ther in­for­ma­tion to get in touch.

The na­ture of the hard­ware vul­ner­a­bil­i­ties listed in the US re­port sug­gest that or­gan­i­sa­tions us­ing in­dus­try best prac­tice to se­cure their net­works should not have been com­pro­mised.

Newspapers in English

Newspapers from New Zealand

© PressReader. All rights reserved.