New Zealand condemns malicious cyber activity by Chinese state-sponsored actors

GCSB

New Zealand has established links between Chinese state-sponsored actors known as Advanced Persistent Threat 40 (APT40) and malicious cyber activity in New Zealand.

“The GCSB has worked through a robust technical attribution process in relation to this activity. New Zealand is today joining other countries in strongly condemning this malicious activity undertaken by the Chinese Ministry of State Security (MSS) – both in New Zealand, and globally,” Minister Responsible for the Government Communications Security Bureau Andrew Little said.

“Separately, the GCSB has also confirmed Chinese state-sponsored actors were responsible for the exploitation of Microsoft Exchange vulnerabilities in New Zealand in early 2021.

“New Zealand joins international condemnation of the exploitation of the Microsoft Exchange platform by Chinese state-sponsored actors, and the widespread and reckless sharing of the vulnerability, which led to other cyber actors’ exploitation of it.

 “We call for an end to this type of malicious activity, which undermines global stability and security, and we urge China to take appropriate action in relation to such activity emanating from its territory” Andrew Little said.

“This reinforces the importance of organisations and individuals having strong cyber security measures in place.

“The GCSB’s National Cyber Security Centre (NCSC) has provided direct support to New Zealand organisations that have been affected by this malicious cyber activity. For both national security and commercial in confidence reasons, these organisations are not identified publicly," Andrew Little said.

According to the GCSB, around 30 per cent of serious malicious cyber activity against New Zealand organisations recorded by the NCSC contains indicators that can be linked to various state-sponsored actors.