GCSB spreads its malware shield, names foundation partners
- 01 December, 2021 10:00
Andrew Hampton (GCSB)
The Government Communications Security Bureau (GCSB) is partnering with private-sector cyber security providers in an initiative it said could prevent millions of dollars of cyber harm.
The GCSB’s National Cyber Security Centre (NCSC) launched the new capability today by making the centre’s cyber threat intelligence available to commercial providers to help defend their customers.
A swag of high-profile cyber security providers has already been recruited and these were progressively offering the NCSC's malware free networks (MFN) service as part of their managed security products.
The NCSC has inked agreements with nine foundation partners: Cassini, Cyber Research NZ, Datacom, Defend, InPhySec, Kordia, SSS IT Security Specialists, Spark NZ and Vodafone NZ.
The security agencies have been hinting at such an expanded initiative for the past month. It was effectively confirmed nine days ago when Research and Education Advanced Network NZ announced it was poised to offer members access to the MFN programme.
GCSB director-general Andrew Hampton said the key to scaling the benefits from NCSC cyber defence capabilities was to work in partnership with other cyber security providers.
“The malware free networks capability makes that possible, providing a platform for us to share indicators of malicious activity with security service providers so they can detect and disrupt that activity on their customers’ networks," Hampton said today.
There have been more than 40,000 indicators of compromise deployed to MFN since the new service was piloted and went live in September last year.
Hampton said these indicators were derived from a range of sources, including the operation of the NCSC’s cyber defence capabilities, through incident response work and from international partners.
“Already with an initial customer trial of MFN up to this point we are achieving real impact," he said. "As of yesterday, MFN has disrupted more than 10,000 threats."
The NCSC had engaged with a range of organisations and providers across the ISP, MSP, MSSP sector to identify partners who potentially had the technical capacity to integrate and deploy MFN to their customers.
As well as those named today, a number of other providers were in talks and the NCSC said it would continue to identify and bring on board others over time.
As the span of the capability grew and more partners included MFN in their services the benefit for New Zealand organisations, both public and private, would increase exponentially, Hampton said.
The NCSC reported earlier this month that the operation of its cyber defence capabilities helped reduce harm to New Zealand organisations by $119 million in the last financial year, and more than $284 million since the capabilities became operational in 2016.
The MFN capability was first piloted as part of the rollout of those capabilities.
“While the pilot showed it has significant potential, it also highlighted a range of technical challenges," he said. “Since the pilot, the NCSC has worked extensively with a range of local partners to address technical challenges and deliver a technology platform which can take our cyber threat information and very quickly turn it into actionable threat intelligence which partners can deploy."
Hampton said the achievement in developing those partnership relationships and delivering the MFN service was a reflection of the commitment and technical capability of the NCSC staff.
“I am really proud of their efforts, the partnerships we have established, and the service we are making available," he said. "I know it will make a real contribution to the future of New Zealand’s cyber defence.”
Responding to the ever-evolving threatscape facing New Zealand organisations required partnership, collaboration and team work across the public and private sectors, Hampton said.
"The delivery and scaling of our MFN capability is a great example of that. However, no single cyber security capability is a silver bullet.
"We still need organisations to ensure they have effective cyber security governance, understand their critical systems and risks – particularly across their supply chain and to have a plan for how they would respond to a cyber security incident.”
The NCSC said it had resources to help organisations address all of those areas.