The director-general of the Government Communications Security Bureau (GCSB), Andrew Hampton, is concerned at international reports which link North Korea to the WannaCry ransomware attack.
And North Korea is not the only culprit. Hampton said in the 12 months to June 2017, 122 of the 396 serious incidents recorded by the GCSB’s National Cyber Security Centre involved indicators that have been linked to state-sponsored actors.
Launched in May, WannaCry encrypted data and demanded a ransom payment to unlock computers in over 150 countries, and significantly affected the UK’s National Health Service.
This week, the US officially linked the attack to North Korea.
“Cyber threat analysis from a range of sources, including the United States and the United Kingdom, attributes WannaCry to North Korean cyber threat actors,” Hampton said.
New Zealand was not significantly impacted by WannaCry, but GCSB says we are not immune from this type of threat in a globally connected world.
“We support the actions of our cyber security partners in calling out this sort of reckless and malicious cyber activity," Hampton said.
“Cyber threats continue to increase, in part because of New Zealand’s global connectivity but also because the cost barriers are low, and getting lower, while the potential for harm is vast."
The GCSB has two main functions: collecting intelligence in accordance with the Government’s priorities and providing cyber security and information assurance services to public and private sector organisations of national significance.
Cortex has been rolled out to a group of nationally significant organisations, Hampton said.
“An independent assessment of the Cortex programme showed that over a 12 month period it has saved New Zealand’s most important organisations around $40 million in harm.”