Russian hackers behind NZ hits
There are signs New Zealand organisations have been directly threatened by Russian state-sponsored hacking, GCSB director-general Andrew Hampton says.
‘‘Attributing cyber incidents to particular countries is something that is carefully considered and is a step not taken lightly,’’ he said.
The bombshell came in the wake of international concerns about Russian-backed hacks on networking equipment.
New Zealand’s National Cyber Security Centre (NCSC) was yesterday pointing people to a strongworded warning put out by the United States and Britain over ‘‘Russian state-sponsored’’ hacking.
In what appeared unusually firm language, the US Computer Emergency Response Team accused ‘‘Russian state-sponsored cyber actors’’ of using compromised computer network equipment to conduct a ‘‘worldwide’’ campaign of espionage.
It said signs of the Russian Government bid to exploit weaknesses in devices such as internet routers were first detected in 2015.
An NCSC spokesman was not able to comment on whether it had evidence New Zealand organisations had been affected.
But Hampton said, for the first time, that there were indications ‘‘Russian state and state-sponsored actors’’ were behind some of the 122 serious incidents identified in a Government Communications Security Bureau (GCSB) annual report in November that had ‘‘indicators of connection to foreign intelligence agencies’’.
‘‘New Zealand organisations were subject to both direct and indirect threats. Motivation for these incidents includes espionage and revenue generation.’’
The GCSB would not say whether any of the attacks had been successful.
Australia’s Minister for Law Enforcement and Cyber Security, Angus Taylor, said ‘‘a significant number of Australian organisations’’ had been targeted by the latest campaign identified by the US and Britain.
Taylor described the incidents as ‘‘unacceptable’’.
The NCSC has linked to the American warning on its website and invited Kiwi organisations that want further information to get in touch.
The nature of the hardware vulnerabilities listed in the US report suggest that organisations using industry best practice to secure their networks should not have been compromised.