ITP Techblog

Brought to you by IT Professionals NZ
« Back to Government

Govt hackers account for nearly one third of attacks: NCSC

Paul Brislen, Editor. 26 November 2020, 7:31 am

The National Cyber Security Centre has released its Cyber Threat Report for the 2019/2020 period and threats continue to rise for New Zealand users right across the board, including attacks from "state-level actors", that is, spy agencies overseas working for governments.

NCSC Director, Hamish Beaton, says that throughout 2019/20, state-sponsored and non-state actors have shown their willingness to target New Zealand organisations in all sectors using a range of increasingly advanced tools and techniques.

"A common theme this year, which emerged prior to the COVID-19 pandemic, was the exploitation of known vulnerabilities in internet-facing applications, remote desktop services and virtual private network applications.

"This means organisations with poor security posture are more likely to become a victim of malicious cyber activity, and are much less likely to detect such activity before harm is caused," says Beaton.

Almost one third of attacks (30%) can be attributed to state-level actors, says the report.

The NCSC, part of the Government Communications Security Bureau, works closely with CERT NZ to form the core of the government's response to cybersecurity issues. CERT released its quarterly assessment report yesterday as well, and the two agencies paint a picture of increasing attacks, particularly during the COVID-19 lockdown and beyond, says Beaton

"The increased uptake and reliance on digital platforms by the private and public sectors expands the potential attack surface for malicious cyber actors. This led to a significant increase in demand for our cyber security advice and guidance.

"We responded to this through greater direct engagement with customers and by publishing more guidance on our website, particularly around adopting cloud services and remote working solutions.

"Post COVID-19 lockdown we have followed up with further guidance advising organisations to review their security settings and the changes they made in response to COVID-19, to ensure any risks associated with the rapid changes required pre lockdown are effectively mitigated," Beaton says.

The full NCSC annual report can be found here, while the CERT NZ quarterly report can be found here.


You must be logged in in order to post comments. Log In

Web Development by The Logic Studio