Vodafone selected for GCSB's Cortex malware disruption pilot

Thursday 23rd March 2017

Vodafone New Zealand, the country's second largest internet service provider, is trialling a pilot programme for the Government Communications Security Bureau, using top-of-the-line technology to mitigate an increasing number of cyber attacks.

The programme is called Malware Free Networks, referring to foreign sourced advanced malicious software, and lets Vodafone use GCSB's cyber threat information and technology to mitigate those attacks for a small group of the ISP's commercial customers. The GCSB had been keen to test its Cortex technology with an ISP since 2014, however Cabinet wanted the intelligence agency to report back before signing off on such a deal.

In December last year, GCSB director Andrew Hampton told Parliament's intelligence and security committee it wanted to increase the information it gives to ISPs from the Cortex system, and in today's first annual report on the government's Cyber Security Strategy Action Plan, Vodafone was named as the winning bidder for the pilot.

"The pilot involves GCSB sharing cyber threat information and technology with Vodafone NZ to help Vodafone mitigate malware for a small subset of its commercial customers," the report said.

The Cortex system became public when former Prime Minister John Key declassified some documents in response to claims by Intercept journalist Glenn Greenwald and former US National Security Agency contractor-turned-whistleblower fugitive Edward Snowden that New Zealand's GCSB embarked on plans to implement mass metadata surveillance, including the tapping of the Southern Cross Cable, in 2012 and 2013, in an initiative called 'Speargun'.

Project Cortex wasn't seen as causing material privacy issues, with controls including how data is access, stored, shared and disposed of. The business plan said there will be no mass surveillance, and that data will be accessed by GCSB only with the consent of owners of relevant networks or systems.

The cyber security strategy report said an independent quality assurance of Cortex found it was tracking to plan, and that it was "well-run, achieving maturity scores not normally seen for government projects" and with "particular strengths" around project leadership and management.

The GCSB's website says Vodafone began the pilot in September last year, and that the technology is only used "with the explicit consent of participating organisations" and that only a small number of the telecommunications company's customers were offered and took up the option.

The intelligence agency will report back to Cabinet in the first quarter on the programme, and any extension will need ministerial approval.

Vodafone doesn't bear any of the cost of the pilot, with the GCSB footing the bill, the website said.

The cyber security strategy report said the next step for protecting New Zealand's most important information infrastructures was to "complete the full deployment of Cortex capabilities to NCSC (National Cyber Security Centre) customers".

The National Cyber Security Centre held a series of briefings for senior executives and company directors to raise awareness about cyber security issues in 2016 and "has now commenced outreach and engagement to a wider, more diverse set of critical national infrastructure organisations (beyond its core Cortex constituency)," the report said.

Among its efforts to maximise the cyberspace economic opportunities for New Zealand firms, the National Cyber Security Centre held an "initial meeting with ICT services exporters to discuss the role of government in dealing with market access barriers arising from cyber security measures in export markets" and plans build those relationships with a specific focus on overcoming international regulatory hurdles.

BusinessDesk.co.nz

Comments from our readers

No comments yet