The Government Communications Safety Bureau (GCSB) is taking its Malware-Free Networks (MFN) cyber defence initiative to New Zealand’s organisations of national significance.
Minister responsible for the GCSB Hon. Andrew Little announced the initiative’s expansion today, following a successful pilot programme with Vodafone and a small group of Vodafone’s consenting customers.
The Malware-Free Networks initiative was developed as part of the CORTEX initiative, and will be provided by the customer’s internet service provider.
The GSCB says the MFN builds on malware detection capability provided by internet service providers. The GCSB shares technology and cyber threat information, particularly on foreign-sourced malware that is persistent.
The GCSB’s next step will be to develop a plan on how it can work with telecommunications network operators to deliver the expanded service, which is expected to take a couple of months.
The GCSB says that like its other initiatives, the MFN only shares information with the explicit consent of participating organisations.
Andrew Little says that malicious and reckless cyber activity is a threat to our digital information and economic wellbeing, particularly as we live in an increasingly global and connected world.
“To further help address this threat GCSB will offer its Malware-Free Networks cyber threat detection and disruption service to a broad cross section of New Zealand’s organisations of national significance,” he says.
The organisations of national significance were identified and chosen by the Department of the Prime Minister and Cabinet.
They include critical national infrastructure, government departments, key economic generators, niche exporters, and research institutions.
According to the GCSB, “The range of organisations being offered MFN cyber threat detection and disruption is quite broad. The GCSB, through its National Cyber Security Centre, engages with hundreds of nationally significant organisations across the country. The aim is that a significant proportion of those organisations will be offered the MFN service.”
The MFN pilot programme with Vodafone showed that there is potential to disrupt a ‘significant volume’ of malicious cyber activity, Little says.
“There was a substantial increase in the volume of activity detected and disrupted when the Malware-Free Networks information was used in conjunction with the network operator’s existing cyber security capability.”
The GCSB also runs CORTEX, a cyber defence system available to nationally-significant organisations.
“Malware-Free Networks will be an additional service, providing an extra layer of protection to many more organisations. Expanding this service will significantly increase the range of organisations receiving the cyber defence services Government offers New Zealand’s organisations of national significance through the GCSB,” Little says.
He believes that over the next two years, many of New Zealand’s nationally-significant organisations will have engaged with the GCSB through the MFN initiative.
The cost of the Malware-Free Networks expansion will be paid for out of the GCSB’s baseline.