VIDEO - GCSB cites links between Russian government and series of 'malicious' cyber activities | Stuff.co.nz

A New Zealand spy agency has found links between the Russian Government and a campaign of malicious cyber activity - however it appears New Zealand organisations haven't been targeted.

The Government Communications Security Bureau (GCSB) announced in a statement that after a "robust attribution process" four international malicious cyber incidents had been linked to the Russian Government.

Prime Minister Jacinda Ardern didn't go as far as to condemn Russia's actions, instead saying the "evidence" directly linking Russia to four cyber attacks was not surprising.

123RF

The New Zealand GCSB (Government Communications Security Bureau) has uncovered links between malicious cyber activity and the Russian government.

She said "others" needed to play by the rules and New Zealand should stand-up and "call out behaviour like cyber security attacks, when they occur".

READ MORE:
Russian spy scandal: Britain reaches out to New Zealand
Russia launches 'dirty tricks' cyber campaign

"New Zealand has not been the target here. It has not affected us, or any New Zealand firm, or business, but it highlights again why we need to make sure that our cyber security is up to scratch, is up to standard and the need to be vigilant."

"Cyber security is a threat, globally, and is a significant issue that whilst hasn't affected us directly, in these circumstances, has the potential to."

"I think it's about making sure we address any vulnerabilities in our system generally, regardless of who might be the perpetrator."

"The nature of these campaigns is complex. The GCSB's assessment found it was highly likely the Russian military General Staff Main Intelligence Directorate (GRU) was behind the campaigns and that a number of cyber proxy groups associated with these incidents are actors of the Russian state, Director-General Andrew Hampton said.

REUTERS

Cyber attacks on countries with strained relations with Russia may have been the work of patriotic Russian hackers acting independently, President Vladimir Putin said earlier this year. But he insists the Kremlin wasn't involved in alleged attempts to interfere with the US election.

"Our process considered material from our partners and our own cyber threat analysis."

The malicious cyber activity primarily targeted overseas political institutions, businesses, media and sporting organisations.

The GCSB statement comes in the wake of the UK's National Cyber Security Centre announcement, on Thursday, when the GRU was assessed to be behind the activity.

"These malicious cyber activities serve no legitimate national security interest. They were designed to negatively impact on the ability of people around the world to go about their daily lives free from interference, Hampton said.

He said the behaviour was unacceptable and ran counter to New Zealand's vision for an open, safe and secure cyberspace.

"New Zealand organisations were not directly affected by these malicious cyber activities. We are, however, seeing a range of activity in New Zealand that contains indicators which can be linked to Russian state actors.

"These incidents reinforce the need for New Zealand to have robust national systems to address cyber threats."

Hampton said the Government was in the process of taking a fresh look at the current Cyber Security Strategy to ensure the country was equipped to handle increasing cyber security threats.

National leader Simon Bridges said Russia's cyber activity while not directly related to New Zealand held concerns and was "despicable".

He called on the Government to strongly condemn the actions because "they've been soft on these issues in the past".

TIMELINE OF EVENTS

October 2017: The malware known as BadRabbit was distributed, affecting users in Ukraine and Russia.

August 2016: Confidential medical files relating to a number of international athletes were released online.  The World Anti-Doping Agency (WADA) stated publicly that this data came from a hack of its Anti-Doping Administration and Management system.

June 2016: The US Democratic National Committee (DNC) was hacked and documents were subsequently published online in an unauthorised disclosure.

July 2015:  Multiple email accounts belonging to a small UK-based TV station were accessed and content stolen.

https://www.stuff.co.nz/national/politics/107599548/gcsb-cites-links-between-russian-government-and-series-of-malicious-cyber-activities