NCSC Newsroom

The NCSC uses this site to share relevant security information and news produced by the NCSC and other organisations.

Current Activity

Cyber planning course for key NZ infrastructure orgs

Fri, 03/05/2013 - 14:40

3 May 2013


The National Cyber Security Centre (NCSC), with the CERT Program of Carnegie Mellon University’s Software Engineering Institute (SEI), is offering spaces on a one-day course for Government departments and critical infrastructure operators on how to respond to cyber attacks.

The National Cyber Security Centre is part of the Government Communications Security Bureau (GCSB), which has a role to protect government systems and information, and to work with critical infrastructure operators to help them improve their computer and network security.

GCSB Director Ian Fletcher says, “We are pleased to be able to offer this training for government and the private sector in partnership with Carnegie Mellon University.

“The Carnegie Mellon Software Engineering Institute is regarded as the world leading training institute in this field. We have developed this Incident Management programme specifically for New Zealand to support our important organisations develop Computer Security Incident Response Teams (CSIRTs).

“The teams will have an agreed method and format for responding to suspected threats, as well as setting up trusted communication channels and collaboration across New Zealand. It also involves developing training and mentoring to ensure the expertise and skills base is grown.

“Cyber attacks are becoming more advanced and sophisticated, and increasingly are targeting intellectual property and other proprietary information held by businesses as well as individuals.

“There’s no reason to believe New Zealand is any different from the rest of the world. We are seeing more incidents reported in New Zealand, and we can benefit from having a standardised cyber security incident response method and format.”

The courses are being run in Auckland, Wellington and Christchurch in mid-June.

Organisations interested in taking part can contact info@ncsc.govt.nz. There is no charge for attending the sessions.

Media contact: Antony Byers 04 463 1667 or 021 241 7449

New Training to Address Cyber Security Risk

Wed, 03/04/2013 - 10:52

A new cyber security and information assurance course has been launched by the Wellington Institute of Technology (WelTec) in collaboration with the Government Communications Security Bureau (GCSB).

File attachments:
WelTec GCSB 02 April 2013.pdf (87.44 KB)

Speech given by the GCSB Director

Wed, 13/03/2013 - 15:30

Speech given by the GCSB Director Ian Fletcher at the Gallagher Security conference held in Hamilton on 11 March 2013

File attachments:
GCSB - Gallagher Speech - 11 March.pdf (216.04 KB)

Key NZ infrastructure operators take a lead in cyber security

Thu, 21/02/2013 - 13:12

MEDIA RELEASE - 21 February 2013


A group of New Zealand critical infrastructure organisations have established the New Zealand Cyber Security Voluntary Standards for Industrial Control Systems with the support of the National Cyber Security Centre (NCSC).

The NCSC is part of the Government Communications Security Bureau, and supports government and critical infrastructure owners in efforts to protect themselves from cyber threats.

These critical infrastructure organisations operate industrial control systems, which allow centralised supervision and control of remote assets. The group has been working on voluntary standards with the NCSC.

Mike Judge from Genesis Energy says, “This work has allowed us to safely discuss cyber security issues, and work together with industry to develop best practice and share information.

“The participants in this group are well placed to provide or endorse security guidance to the New Zealand utility industry. Risks will vary, but this standard we have developed is a practical compilation of best practice and guidance for establishing a secure control system.

“The aim is to minimise the threat from unauthorised or inappropriate access, and also to maintain access and control during adverse conditions.

“These voluntary standards will be applicable for a range of NZ industries including electricity, oil and gas, water, transport, chemical, pharmaceutical, food and beverage, and manufacturing,” Mr Judge said.

The National Cyber Security Centre recently published its 2012 Incident Summary, which identified a significant increase in the number of attacks against New Zealand government agencies and critical national infrastructure in 2012.

If you or your organisation is part of the Industrial Control Systems (SCADA) infrastructure in New Zealand and is seeking further resources on current security issues, contact the NCSC ICS team by emailing info@ncsc.govt.nz

Media contact: Antony Byers 04 472 6881 or 021 241 7449

Security Advisory – Adobe Reader and Acrobat

Fri, 15/02/2013 - 13:13

Adobe has released a Security Advisory which identifies critical vulnerabilities (CVE-2013-0640, CVE-2013-0641) in two Adobe products: Reader and Acrobat. The following versions are affected:
• Adobe Reader XI (11.0.01 and earlier) for Windows and Macintosh
• Adobe Reader X (10.1.5 and earlier) for Windows and Macintosh
• Adobe Reader 9.5.3 and earlier 9.x versions for Windows, Macintosh and Linux
• Adobe Acrobat XI (11.0.01 and earlier) for Windows and Macintosh
• Adobe Acrobat X (10.1.5 and earlier) for Windows and Macintosh
• Adobe Acrobat 9.5.3 and earlier 9.x versions for Windows and Macintosh

According to Adobe, exploiting these vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system.

Adobe has also acknowledged reports that these vulnerabilities are being exploited in the wild in targeted attacks designed to trick Windows users into opening a malicious PDF file delivered in an email message.

Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.01 and earlier) for Windows and Macintosh, X (10.1.5 and earlier) for Windows and Macintosh, 9.5.3 and earlier 9.x versions for Windows and Macintosh, and Adobe Reader 9.5.3 and earlier 9.x versions for Linux. These updates address the vulnerabilities detailed above.

The NCSC encourages administrators to review the full security bulletin from Adobe, available here, and apply these updates as soon as practicable.

Security Advisory – Yahoo! Xtra Phishing Scam Emails

Tue, 12/02/2013 - 12:48

The Yahoo! Xtra email service has been widely reported to have been targeted over recent days by malicious attacks which are believed to have compromised the Yahoo! Xtra email accounts of some users.

Users of this service have reported receiving emails, purportedly from people they know, containing links to a suspicious website. If the link is clicked, similar emails are then sent to certain contacts on their address list. Users have also reported compromises to their own email accounts, suggesting emails had been sent from those accounts without the users’ knowledge.

As a precaution, if you have received a suspicious email of this nature, NCSC strongly advises that you do not click the link. Telecom has also issued an advisory which recommends Yahoo! Xtra email users reset their email passwords via their password reset page. The full advisory can be viewed here.

Security Advisory - Multiple Vulnerabilities identified in Adobe Flash Player

Mon, 11/02/2013 - 14:28

Adobe has released security updates for Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.261 and earlier versions for Linux, Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.31 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe has reported that CVE-2013-0633 has been observed being exploited in the wild through targeted attacks designed to trick the user into opening a Microsoft Word document delivered as an email attachment which contains malicious Flash (SWF) content. The exploit for CVE-2013-0633 targets the ActiveX version of Flash Player on Windows.

Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.01 and earlier) for Windows and Macintosh, X (10.1.5 and earlier) for Windows and Macintosh, 9.5.3 and earlier 9.x versions for Windows and Macintosh, and Adobe Reader 9.5.3 and earlier 9.x versions for Linux. These updates address the vulnerabilities detailed above.

The NCSC encourages administrators to review the full security bulletin from Adobe, available here, and apply these updates as soon as practicable.

NCSC – 2012 Incident Report Summary

Fri, 08/02/2013 - 13:26

MEDIA RELEASE - 14 February 2013

More cyber threats reported in NZ

The National Cyber Security Centre (NCSC) has reported a significant increase in the number of reported attacks against New Zealand government agencies, critical national infrastructure, and private sector organisations in 2012.

The NCSC is part of the Government Communications Security Bureau (GCSB), and supports government and critical infrastructure to protect themselves from cyber threats.

GCSB Director Ian Fletcher says, “In 2011, we recorded 90 threats that meet the threshold which puts government or other critical national infrastructure at risk. In 2012 we’re up to 134.

“These are relatively small numbers, but it does amount to at least three serious attacks every week, and we are sure this is under reported.

“The NCSC was established in 2011 so reporting incidents is still relatively new, and based on the attacks in other parts of the world it’s highly likely there is a lot more happening in New Zealand. There’s no reason to think we’re different,” Mr Fletcher said.

The NCSC 2012 Incident Summary shows scam and spam related incidents were the most common, with denial of service attacks on networks, and botnet/malware activity the next most common.

The target of most incidents was the private sector, then government. More than half of the incidents originated overseas.

Specific details of the incidents are not published to protect the targets and vulnerabilities.

For help protecting your home or personal computer visit www.securitycentral.org.nz

File attachments:
NCSC- 2012 Incident Report.pdf (405.24 KB)

Multiple vulnerabilities identified in Universal Plug and Play (UPnP)

Wed, 30/01/2013 - 16:42

Security researchers have identified multiple vulnerabilities in libupnp, the open source portable SDK for Universal Plug and Play (UPnP) devices. Libupnp is employed by hundreds of vendors for UPnP-enabled media devices designed to support automatic discovery and service configuration.

The NCSC recommends that affected UPnP device vendors and developers obtain and employ libupnp version 1.6.18, which addresses these vulnerabilities.

It is also advised that network administrators review the full details of CERT Vulnerability Note VU#922681 and disable UPnP (if possible), as well as restricting access to SSDP (1900/udp & tcp) and Simple Object Access Protocol (SOAP) services from untrusted networks like the Internet.
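
The following is an added example, not part of the NCSC advisory or of libupnp: a sketch of how an administrator could triage SSDP responses collected from their own network against the recommended libupnp 1.6.18. It assumes devices advertise the SDK's default "Portable SDK for UPnP devices/x.y.z" token in the SERVER header; the sample responses and addresses are constructed.

```python
import re

FIXED = (1, 6, 18)  # libupnp release the advisory tells vendors to move to
# Product token libupnp places in the SSDP SERVER header by default (assumed
# unmodified by the vendor; a rebranded or missing banner proves nothing).
TOKEN = re.compile(r"Portable SDK for UPnP devices\s*/\s*(\d+(?:\.\d+)*)", re.I)

# Constructed sample M-SEARCH responses; addresses are documentation-range placeholders.
SAMPLES = {
    "192.0.2.10": b"HTTP/1.1 200 OK\r\nST: upnp:rootdevice\r\n"
                  b"SERVER: Linux/2.6.32 UPnP/1.0 Portable SDK for UPnP devices/1.6.6\r\n\r\n",
    "192.0.2.11": b"HTTP/1.1 200 OK\r\nST: upnp:rootdevice\r\n"
                  b"Server: Linux/3.2 UPnP/1.0 Portable SDK for UPnP devices/1.6.18\r\n\r\n",
    "192.0.2.12": b"HTTP/1.1 200 OK\r\nST: upnp:rootdevice\r\n"
                  b"SERVER: ExampleOS/1.0 UPnP/1.1 ExampleStack/2.0\r\n\r\n",
}


def parse_ssdp(raw: bytes) -> dict:
    """Return the headers of an SSDP (HTTP-over-UDP) response, names lower-cased."""
    headers = {}
    for line in raw.decode("latin-1").replace("\r\n", "\n").split("\n")[1:]:
        if not line.strip():
            break  # blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def libupnp_version(server: str):
    """Extract the libupnp version as an integer tuple, or None if not advertised."""
    match = TOKEN.search(server)
    if match is None:
        return None
    parts = tuple(int(p) for p in match.group(1).split("."))
    return parts + (0,) * (3 - len(parts))  # pad "1.6" to (1, 6, 0)


def assess(raw: bytes) -> str:
    version = libupnp_version(parse_ssdp(raw).get("server", ""))
    if version is None:
        return "unknown"
    # Compare numerically: as strings, "1.6.6" would sort after "1.6.18".
    return "needs-update" if version < FIXED else "ok"


def audit(responses: dict) -> dict:
    return {host: assess(raw) for host, raw in responses.items()}
```

A verdict of "unknown" means only that the banner did not identify libupnp; such devices still fall under the advice to disable UPnP or restrict SSDP and SOAP access from untrusted networks.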

NZ-UK joint statement on cyber security

Tue, 15/01/2013 - 15:12

New Zealand’s Foreign Minister and the visiting Foreign Secretary of the United Kingdom have committed the two countries to working more closely together to address cyber security.

As well as the international collaboration, the commitments include working more closely with their respective business communities to improve the protection of intellectual property which is crucial for both economies. The joint statement is available here.
