The Government Communications Security Bureau (GCSB) will extend its Malware-Free Networks cyber defence initiative, minister Andrew Little has announced.
The decision to expand the programme follows a success pilot the GCSB carried out with Vodafone and some its consenting customers, Little says.
“The pilot showed the Malware-Free Networks (MFN) capability has the potential to disrupt a significant volume of malicious cyber security,” he says. “There was a substantial increase in the volume of activity detected and disrupted when the MFN information was used in conjunction with the network operator’s existing cyber security capability.”
Little says the cost of the extending the MFN will be part of the GCSB’s existing budget.
According to information on the GCSB website, the MFN service builds on the malware detection capability already provided by ISPs and it involves the GCSB sharing cyber threat information and technology with consenting organisations. The focus is on foreign-sourced malware “that is particularly advanced in terms of technical sophistication and/or persistence.”
MFN was developed as part of the CORTEX initiative, which provides an advanced cyber defence that goes beyond the capabilities of commercially available products and services. CORTEX protects again theft of intellectual property, loss of customer data, destruction or dissemination of private communications, holding data for ransom and damage to IT networks and services.
GCSB won’t disclose what organisations are taking part in CORTEX and MFN, but they are identified through the Department of Prime Minister and Cabinet, and include government departments, key economic generators, niche exporters, research institutions and operators of critical national infrastructure.
“I expect over the next two years a substantial number of New Zealand’s nationally significant organisations will have engaged with the GCSB on Malware-Free Networks,” Little says.
The move to extend the MFN is part of a number of announcements made by the Government recently around Cybersecurity. Little is part of the Cabinet External Relations and Security Committee, which also includes Prime Minister Jacinda Ardern, Deputy Prime Minister Winston Peters, Finance Minister Grant Robertson, Attorney General David Parker and Communications Minister Clare Curran.
Curran recently announced a refresh of the Cyber Security Strategy and Action Plan, while in the budget $3.9 million of new operating funding over the next four years was provided to the Computer Emergency Response Team (CERT).