The Government Communications Security Bureau (GCSB) tells us it has established clear links between the Russian government and a campaign of malicious cyber activity targeting overseas political institutions, businesses, media and sporting organisations.
The bureau says New Zealand organisations were not directly affected by these malicious cyber activities.
“We are, however, seeing a range of activity in NZ that contains indicators which can be linked to Russian state actors. These incidents reinforce the need for NZ to have robust national systems to address cyber threats”.
Good to know the GCSB is on the job, but Point of Order wonders why such a statement, with all its serious international implications, was left to the GCSB’s director-general Andrew Hampton to issue.
Surely this is a matter which, because of those international implications, should have come from the Prime Minister? Or the Deputy Prime Minister? Or the Minister of Foreign Affairs and Trade? Or even the Minister in charge of Intelligence Services?
Or were they worried they would step on Vladimir Putin toes?
Then there is the timing of the statement.
Hampton says the GCSB has worked through a robust attribution process which strongly links four international malicious cyber incidents since 2015 to the Russian government
“The nature of these campaigns is complex. The GCSB’s assessment found it was highly likely the Russian military General Staff Main Intelligence Directorate (GRU) was behind the campaigns and that a number of cyber proxy groups associated with these incidents are actors of the Russian state. Our process considered material from our partners and our own cyber threat analysis.
“The United Kingdom’s National Cyber Security Centre has today announced it assesses the GRU is behind this activity. This analysis is consistent with the GCSB’s”.
Hampton goes on:
“These malicious cyber activities serve no legitimate national security interest. They were designed to negatively impact on the ability of people around the world to go about their daily lives free from interference. Such behaviour is unacceptable – it is counter to NZ’s vision for an open, safe and secure cyberspace.
“NZ organisations were not directly affected by these malicious cyber activities. We are, however, seeing a range of activity in New Zealand that contains indicators which can be linked to Russian state actors.
“These incidents reinforce the need for NZ to have robust national systems to address cyber threats. Initiatives such as the GCSB’s CORTEX cyber defence capabilities and the proposed expansion of the Malware-Free Networks programme help protect our nationally significant organisations.”
The government is taking a fresh look at the current Cyber Security Strategy to ensure NZ is equipped to handle increasing cyber security threats.
Poimt of Order wonders which part of the Coalition Government is doing that.