Nouvelle-ZélandeChallenges to maintaining cyber security
Cyber-enabled threats to our security continue to grow in number, scope and scale. Cyber criminals and malicious state-backed actors are targeting New Zealand now. Access is being sought to our personal information, bank accounts, intellectual property and nationally important data on a 24/7 basis. From home-users to businesses, to government to critical national infrastructure, everyone using the internet faces a constant and evolving threat. Potential harms include financial losses, reputational damage, loss of intellectual property and disruption to critical services. Constant vigilance and active protection of our sensitive data and networks is no longer optional. We also need to be ready to detect, respond to, and recover from any intrusions.
Technology is evolving quickly...
The nature and consequences of cyber incidents can vary widely, and, as new technologies are developed and adopted, new threats will emerge. Responding to these threats in the context of rapid technological change will require us to adapt quickly. The exponential increase in the use of IoT (Internet of Things) devices is an example of how the rush to deploy new products and services has led to the re-emergence of security issues that had been largely addressed in mature technology sectors. In October 2016, millions of IoT devices were taken over to form the Mirai botnet, which was used to launch a massive denial of service attack that disrupted the internet for almost the entire eastern United States.
Cyber security is a complex problem – it’s about people, policies, technology, trust and reliability. It is not always possible to predict what will happen and at what pace.
The emergence of AI is an example of a technological shift where the impact for cyber security is largely unknown. The potential national security issues posed by the adoption of 5G technology present new and different risks from that of previous generations of mobile infrastructure. Cyber attacks can also have unintended consequences: the NotPetya malware* initially only targeted Ukrainian entities but ended up spreading to cause damage and disruption across the globe.
...And threat actors are on the increase and becoming more sophisticated...
The number of malicious actors seeking to do harm on the internet also continues to rise. Threat actors of all kinds are increasingly bold, brazen and disruptive. As more people use and do business on the internet, the pay-offs from cyber and cyber-enabled crimes will also increase, attracting greater numbers of cybercriminals. Almost every cyber attack is a criminal act, regardless of who is behind it.
Cyber criminals and other threat actors are becoming more sophisticated. More and more, threat actors from individuals to nation states have access to the same tools and techniques. In 2017, the WannaCry outbreak caused major international disruption, including shutting down computers in the United Kingdom’s National Health Service. WannaCry was attributed to North Korean actors by a number of New Zealand’s international partners, highlighting how nation states can use cybercriminal tools, and vice versa.
