The newly established National Cyber Security Centre is, as might be expected, not very forthcoming in an initial reply to questions on suspicions of attacks coming from other nation states.
The question was raised earlier this year by Andy Solterbeck, of security company RSA, which strongly suspects it was subjected to such an attack in March this year.
“Incidents reported internationally suggest that cyber-attacks are increasingly targeted at intellectual property and other proprietary information held by government and businesses as well as individuals,” says Grant Fletcher, the centre’s deputy director, information assurance and cyber security.
New Zealand is “certainly not immune” from such attacks, he says. However “for reasons of confidentiality and national security, we are unable to provide specific details about incidents in New Zealand.”
Solterbeck said approaches to possible nation-state-sourced attacks should move beyond the technical and include approaches at top government and diplomatic levels; however, asked about specific policy to deal with such attacks, Fletcher falls back on the government’s published Cyber Security Strategy, issued in June.
“The Strategy outlines New Zealand’s approach to improving our protection against cyber threats. This includes creating a coordinated response to meet new cyber security challenges as they emerge,” he says. “The exact process for dealing with incidents will depend on the nature of the threat.”
However the NCSC will lead New Zealand’s response to any “sophisticated cyber-attacks”, he says.
“The Government is also working with a wide range of stakeholders across government, industry and non-government organisations and international security partners on cyber security issues,” he adds.
Critics attacked the Cyber Security strategy when it was released as being not really a strategy but more a general survey of the threat landscape. InternetNZ CEO Vikram Kumar, however, came to its defence, saying it was “a start”. Government should not be expected to provide all the knowledge and implementation resources itself, Kumar says; the ICT industry must play its part.
Fletcher for the NCSC also offers no definite news on the widely-felt need for a New Zealand Computer Emergency Response Team (CERT)
“One of the longer term initiatives outlined in the Cyber Security Strategy is to work with interested parties to determine the need for a New Zealand CERT. Work on this initiative, led by the Ministry of Economic Development, is underway,” he says.
The NCSC has been established as part of the Government Communications Security Bureau (GCSB). It has absorbed the functions of the former Centre for Critical Infrastructure Protection.
Approached again, Fletcher amplifies his remarks. "Cyber intrusions come from a number of sources with varying degrees of sophistication. Some of the most advanced and persistent cyber attacks or intrusions on governments and critical infrastructure worldwide are thought to originate from foreign military and intelligence services or organised criminal groups.”
However, on the subject of a specific policy for suspected nation-state intrusions, he says “The Government’s response to a cyber incident focuses on trying to minimise any negative impact from that incident in the first instance, regardless of its origin.
“The NCSC will work closely with domestic government agencies, international security partners and other governments to help combat cyber attacks or intrusions,” he adds.
“For national security reasons we are unable to provide any further information on this subject.”