New weapon in anti-malware armoury launched
Cyber security in New Zealand is set to take a step forward with the launch of a new weapon in the anti-malware armoury.
Auckland's Unitec Institute of Technology and Japan's National Institute of Information and Communications Technology last week launched a system designed to alert companies and organisations to a cyber hack as soon as it happens.
The Red Alert system is the result of several years' work by NICT scientists and engineers, supported through commissioned research projects, including by Unitec staff and students on computational intelligence for cyber security.
It is a New Zealand first and will be made available free for selected not-for-profit organisations this year, ahead of a wider release in 2016.
Designed to help protect any network that is connected and subscribed to it, Red Alert will issue an alert as soon as a hack takes place.
It will detect intrusions, notify the victim and then provide a report, which includes the type of attack, the part of the network infected and a list of experts who can help them resolve the issue.
According to a Mandiant's 2013 MTrends report the number of days a cyber threat was present in a victims' system before being detected was 299, by which time significant harm can be caused.
Hossein Sarrafzadeh, Unitec head of computing, says Red Alert will provide another layer of defence against cyber criminals, potentially saving money and protecting client data.
Sarrafzadeh says today's cyber attacks come from multiple sources, breaching boundary defences from inside and outside organisations, including zero-day exploits, drive-by download attacks, and malware spreading via USB memory sticks and mail attachments.
"The red alert system is designed to be the last line of defence – after the virus scanner and firewall," he says.
"Cyber threats are changing and developing all the time, and we all know how important it is to be protected against hackers. This system will give companies greater ability to protect their data, and their clients' data.
"Leveraged together with conventional boundary defence systems, this system is expected to realise improved network security and reduce staffing requirements within organisations," says Sarrafzadeh.
Unitec says te system has been welcomed by both the New Zealand cyber security and IT industry and government.
Andy Prow, of Aura Information Security, says it is prudent for every organisation to consider a last line of defence.
"Red Alert is just that. The industry has known for ages and the anti-virus vendors themselves agree that a lot of malware will bypass the perimeter undetected," Prow says.
"On one hand you'd say that Red Alert is too late as the malware is inside, but it is lot better than not knowing and letting it turn from an intrusion into a significant long-term data and system breach.
"As the name describes Red Alert will be one system you cannot ignore when the alarm goes off. From a malware and intrusion perspective it means you're on fire.
Paul Ash, director of the National Cyber Policy Office, acknowledged the contribution that Unitec is making to cyber security in New Zealand.
"It is good to see Unitec taking the initiative to develop technical innovations, such as the Red Alert system, to help defend networks," he says.
"The private sector and academic institutions play an important role in advancing cyber security.
The launch also marks the continuation of the relationship between Unitec and NICT, which began in 2012 with the establishment of the Cyber-Security Research Centre at Unitec's Mt Albert campus and has been extended until 2020.