Russian global cyber attack may have targeted NZ
There are signs New Zealand organisations have been directly threatened by Russian statesponsored hacking, GCSB director-general Andrew Hampton says.
‘‘Attributing cyber incidents to particular countries is something that is carefully considered and is a step not taken lightly,’’ he added.
The bombshell came in the wake of international concerns about Russian-backed hacks on networking equipment.
New Zealand’s National Cyber Security Centre (NCSC) was yesterday pointing people to a strongworded warning by the United States and Britain over ‘‘Russian state-sponsored’’ hacking.
The US Computer Emergency Response Team accused ‘‘Russian state-sponsored cyber actors’’ of using compromised computer network equipment to conduct a ‘‘worldwide’’ campaign of espionage.
The US warning said signs of the Russian government campaign to exploit weaknesses in devices such as internet routers were first detected in 2015 and threatened the safety, security, and economic well-being of the US.
A NCSC spokesman was unable to comment on whether organisations here had been affected.
But Hampton said for the first time that there were indications ‘‘Russian state and state-sponsored actors’’ were behind some of the 122 serious incidents identified in a GCSB report in November that had ‘‘indicators of connection to foreign intelligence agencies’’.
‘‘New Zealand organisations were subject to both direct and indirect threats,’’ he said. ‘‘Motivation for these incidents includes espionage and revenue generation.’’
The GCSB would not say whether any of the attacks had been successful.
Australia’s Minister for Law Enforcement and Cyber Security, Angus Taylor, said ‘‘a significant number of Australian organisations’’ had been targeted by the latest campaign.
Taylor described the incidents as ‘‘unacceptable’’ and called on all countries ‘‘not to take actions that could lead to damage of critical infrastructure that provide services to the public’’.
The NCSC has linked the US warning on its website and invited organisations wanting further information to get in touch.
The nature of the hardware vulnerabilities listed in the US report suggest that organisations that were using industry best practice to secure their networks should not have been compromised.