GCSB detections prompt Govt to set up new agency.

Seven potentially significant cyber intrusions aimed at New Zealand organisations are being detected by a Government security agency every month.

Which organisations are protected by the Government Communications Security Bureau's "Cortex" cybersecurity programme is secret, but significant economic targets and vital network utilities are likely to be included.

Cortex is mostly automated, with machines using information and patterns gleaned from previous attacks to scan data and systems for points of weakness and possible intrusions.

Its existence was first revealed by Prime Minister John Key before the last election, ahead of Kim Dotcom's "moment of truth" event in Auckland.


In a speech in Auckland yesterday, Communications Minister Amy Adams revealed more about the attacks that Cortex encounters.

"In a typical month, the GCSB through Project Cortex detects seven potentially significant cyber intrusions affecting one or more substantial New Zealand organisations.

"It's essential that we protect our $231 billion GDP against this constant barrage of attacks."

The GCSB has previously confirmed cases, including a powerful cyberattack that targeted certain officials in a government department in a possible effort to access sensitive information.

Another major IT firm received help from the GCSB after it was discovered their computer network had been compromised for some time.

An emergency response group that will be a first port of call for organisations that have had computer security incidents will be set up after the Government pledged $22 million.

New Zealand is dealing with cyberattacks that have been sponsored by foreign countries and terror groups, Mr Key said yesterday.

"We're attacked by extremists and terrorists, and issue-motivated activists. Others include lone cyber hackers and disgruntled insiders. There are multiple kinds of threats and cyber harms.

"Victims can include anyone - from individuals or small businesses that lack the capability to address these issues, right up to large corporations."

We're attacked by extremists and terrorists, and issue-motivated activists.


The Computer Emergency Response Team (Cert) will be an organisation that receives cyber incident reports, tracks such incidents and cyberattacks, and provides advice and alerts on how to respond and prevent attacks.

The establishment of the team was announced in December as part of the Government's refreshed cybersecurity strategy.

Yesterday Ms Adams confirmed this month's Budget will include $20 million over four years to establish Cert. An additional $2.2 million of capital funding will be made available.

"It will be the central place for businesses and organisations to go to for help and information when they're experiencing cyberattacks," Ms Adams said.

"Establishing a national Cert means New Zealand joins an international network of Certs, improving our access to information on potential or real-time cyberattacks."

The centre will initially be established as a unit in the Ministry of Business, Innovation and Employment, and is expected to be up and running by next year.

Mr Key told a cybersecurity summit in Auckland more than 856,000 New Zealanders are affected by cybercrime each year, with cybercrime estimated to cost New Zealand $257 million last year.

"These are small-time attacks in the form of computer viruses and malware, credit card fraud, online scams, phishing and identity theft.

"And while we are yet to experience a full-scale cyber incident like we've seen offshore, New Zealand is not immune to them," Mr Key said.

"Overseas these have included the likes of the cyberattack on Sony Pictures, where company information was stolen and leaked online. Or the hacker who stole credit card details from more than 110 million customers of the US-based Target department store."

Mr Key said attacks dealt with in New Zealand included state-sponsored espionage by foreign countries and organised criminal groups.

The Cert would play an important role in repelling attacks, he said.

"It's a concrete step towards better protecting New Zealand against cyberattacks. But none of this will work if it's left up to the Government alone," Mr Key said.

"As I said earlier, businesses need to accept cybersecurity poses an enormous and immediate threat."