Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search


GCSB's 'Cortex' sought tie-up with ISP

GCSB's 'Cortex' sought tie-up with ISP

By Paul McBeth

Sept. 17 (BusinessDesk) - The Government Communications Security Bureau may expand its 'Project Cortex' to sharing malware-disrupting technology with local internet service providers, according to Cabinet papers declassified by Prime Minister John Key.

The project is described as countering advanced cyber threats and would see the communications-focused spy agency deliver advanced malware detection services to an undisclosed number of entities including government agencies and "organisations of high economic and/or operating critical national infrastructure", including niche exporters and research institutions. Those services would be an "active disruption" of foreign-sourced advanced malicious software, known as malware, reducing vulnerability to attack and mitigating harm by technical countermeasures acting before the fact by blocking the ability of malware to target organisations.

The GCSB recommended the extension of the 'active' programme to an internet service provider under pilot conditions, to see how it would work in a commercial context.

"If the pilot is successful, a proposal will be prepared for Ministerial consideration outlining the costs and benefits of wider deployment," according to an undated document entitled 'Project Cortex Business Case' that appears to have been written in late June or early July, based on dates on other documents. "This wider deployment would be led by industry, on a cost-recovery/profit basis, not by GCSB."

Spark New Zealand, the country's biggest ISP with about 49 percent of the market, hasn't had formal discussions with the GCSB about the project, according to a spokesman, while Vodafone New Zealand, which has about 32 percent of the market, declined to comment.

The GCSB met with an undisclosed number of major private sector firms deemed to be of national importance, all of whom "confirmed interest in engaging further on the proposals in the event that funding is secured." It considered charging users, but rejected that in the short-term as it would need an amendment to legislation.

The spy agency's business case focuses on "cyber-borne threats that are foreign-sourced and particularly advanced in terms of technical sophistication and/or persistence," said the document.

Under threat are intellectual property and damage to IT systems that can't be countered by commercial available tools, and malware had already targeted "key economic generators", including a large New Zealand firm, niche exporters in knowledge-intensive industries, major IT service providers and government agencies, the documents say.

"The economic harm caused by advanced malware is significant, although hard to quantify at the macroeconomic level or even for individual organisations. It is hard to quantify because, for example, in the case of loss of intellectual property (IP) - often the most immediate target of a successful malware attack - there is no widely accepted means of valuing IP prospectively."

A key plank of last year's legislative amendment governing the GCSB was splitting its information assurance activities from its cyber-security and cooperation functions to let the agency play a major role in the wider cyber-security domain, as host of the National Cyber Security Centre and sharing its capabilities and expertise with other agencies.

The GCSB won't procure or develop bespoke systems, instead integrating and components already available and tested over several years, including widely available commercial off-the-shelf systems, single source systems, and some available only through government-to-government agreement.

Key released the declassified papers yesterday in response to claims by Intercept journalist Glenn Greenwald and former US National Security Agency contractor-turned-whistleblower fugitive Edward Snowden, that New Zealand's GCSB embarked on plans to implement mass metadata surveillance, including the tapping of the Southern Cross Cable, in 2012 and 2013, in an initiative called 'Speargun'.

Key has insisted that the GCSB hasn't undertaken mass surveillance of New Zealanders or collects their metadata, and said the highest form of protection considered by the agency was never completed nor put to Cabinet.

Project Cortex wasn't seen as causing material privacy issues, with controls including how data is access, stored, shared and disposed of. The business plan said there will be no mass surveillance, and that data will be accessed by GCSB only with the consent of owners of relevant networks or systems.

According to a minute to a July 28, 2014 meeting, Cabinet decided against pursuing the GCSB's recommended option, which included the pilot ISP sharing programme. Instead, it directed the spy agency to consult with the Minister for Communications and Information Technology, currently Amy Adams, on plans to involve an ISP, and to report to Key, the Minister responsible for the GCSB, and the IT minister on the implications of including an ISP in the project.

The 'active' option backed by Cabinet would be 10 percent cheaper than the 'proactive' option preferred by GCSB, and would forgo a third of the benefits with "far fewer" organisations receiving the malware disruption service. That in turn would reduce security risk as GCSB technology wouldn't be shared with an ISP.

The GCSB is to report back to ministers with an option to embark on the pilot by September 2015, and a funding contingency was extended to Jan. 31, 2016.

The business case was reviewed in May and June of this year by Key as GCSB minister, Adams as IT minister, Finance Minister Bill English, Economic Development Minister Steven Joyce, Foreign Affairs Minister Murray McCully, Defence Minister Jonathan Coleman and Attorney-General Chris Finlayson.


© Scoop Media

Business Headlines | Sci-Tech Headlines


BusinessNZ: Third Snapshot Report Reveals $9.5 Billion Business Investment In Climate Action

Signatories to the Climate Leaders Coalition have committed to invest $9.5 billion over the next five years to reduce emissions from their businesses, as revealed in their third anniversary snapshot report released today... More>>

Digitl: The home printer market is broken
Printers are more of a security blanket that a serious aid to productivity. Yet for many people they are not optional.
Even if you don’t feel the urge to squirt ink onto dead trees in order to express yourself, others will insist on printed documents... More>>

Serious Fraud Office: Commences Enquiries Into Allegations Of COVID-19 Wage Subsidy Fraud
The Serious Fraud Office has commenced a number of enquiries into alleged abuse of the Government’s COVID-19 Wage Subsidy. Director Julie Read said the allegations relate to multiple complex cases of potential fraud that have been referred to the agency following extensive investigations ... More>>

ComCom: Companies In Hot Water For Selling Unsafe Hot Water Bottles And Toys

A wholesaler and a retailer have been fined a total of $140,000 under the Fair Trading Act for selling hot water bottles and toys that did not comply with mandatory safety requirements. Paramount Merchandise Company Limited (Paramount) was fined $104,000 after pleading guilty in the Manukau District Court... More>>

Reserve Bank: Robust Balance Sheets Yield Faster Economic Recovery

Stronger balance sheets for households, businesses, financial institutions and the government going into the pandemic contributed towards maintaining a sound financial system and yielding a faster economic recovery than following previous deep recessions... More>>

Transpower: Releases Independent Report Into Events Of August 9
Transpower’s Chief Executive Alison Andrew has today released an independent report into the grid emergency of August 9 when insufficient generation was available to meet demand, leading to some customers being disconnected... More>>