A third of NZ cyber attacks state-sponsored: GCSB

The GCSB base in Marlborough. Photo / Mark Mitchell

More than a third of cyber attacks on New Zealand may be state-sponsored, the government's intelligence agency revealed today as it expressed concern over North Korea's reported links to the devastating WannaCry virus.

The Government Communications Security Bureau (GCSB) said there had been 396 "serious incidents" recorded by its national cyber-security centre in the year to June 2017.

Of those, 122 involved "indicators that have previously linked to state-sponsored actors", GCSB Director-General Andrew Hampton said.

"Cyber threats continue to increase, in part because of New Zealand's global connectivity, but also because the cost barriers are low - and getting lower - while the potential for harm is vast."

Hampton said that over the year to June, the GCSB's new Cortex programme had saved New Zealand's most important organisations some $40 million.

He raised concern about international reports linking the isolationist North Korean state to WannaCry - a highly-malicious ransomware virus that crippled parts of the United Kingdom's National Health Service and compromised companies such as FedEx and Nissan.

It was found in over 150 countries where it encrypted data and demanded ransom payment to unlock computers but largely bypassed New Zealand.

"While New Zealand was not significantly impacted by WannaCry, we are not immune from this type of threat," Hampton said. "In a globally connected world, our relative geographic isolation offers no protection from cyber threats.

"We support the actions of our cyber-security partners in calling out this sort of reckless and malicious cyber activity."

GCSB Director-General Andrew Hampton. Photo / Mark Mitchell.

Earlier today, White House homeland security advisor Tom Bossert publicly attributed WannaCry attacks to North Korea.

"We do not make this allegation lightly. We do so with evidence, and we do so with partners," he said.

The US blamed North Korea for the WannaCry ransomware attack that affected hundreds of thousands of computers globally this year.

It is using the attack as further justification for the White House's campaign to step up international pressure on the regime.

WannaCry crippled parts of the UK's state-run National Health Service and compromised companies such as FedEx and Nissan.

North Korea has grown increasingly adept at breaking into computer systems around the world for financial gain and strategic benefit. This year, the regime's "cyber warriors" have been linked to stolen US-South Korean military plans and the alleged theft of NZD$86m from a Taiwan bank.

The hackers drew international headlines in 2014 when they allegedly broke into Sony's movie business as it was preparing to release the Interview, a Seth Rogen and James Franco comedy about meeting the North Korean leader.

- additional reporting: Bloomberg