GCSB links Chinese state-sponsored actors to NZ cyber attacks

The Government says it has "established links" of Chinese state-sponsored cyber attacks in New Zealand.

Minister of Health Andrew Little (file photo). Source: Getty

GCSB Minister Andrew Little said in a statement last night the agency had identified the actors to be Advanced Persistent Threat 40 (APT40).

Little said the GCSB had undergone "a robust technical attribution process" to confirm the malicious cyber activity in New Zealand.

"New Zealand is today joining other countries in strongly condemning this malicious activity undertaken by the Chinese Ministry of State Security – both in New Zealand, and globally,” he said. 

The condemnation from New Zealand puts it in line with the positions of the US, the EU, and the UK.

Your playlist will load after this ad

Thousands of computers in New Zealand were targeted in May after Chinese state-sponsored actors allegedly attacked Microsoft exchange’s email servers. Source: Breakfast

The GCSB has also confirmed Chinese state-sponsored actors were responsible for the exploitation of Microsoft Exchange vulnerabilities in New Zealand earlier this year, Little said.

"We call for an end to this type of malicious activity, which undermines global stability and security, and we urge China to take appropriate action in relation to such activity emanating from its territory," Little said.

The Chinese Embassy in New Zealand said the accusation was "totally groundless and irresponsible".

"China expresses strong dissatisfaction and firm opposition and has already lodged solemn representation with the New Zealand Government," a spokesperson said.

"The Chinese Government is a staunch defender of cyber security and firmly opposes and fights all forms of cyber attacks and crimes in accordance with law. Given the virtual nature of cyberspace, one must have clear evidence when investigating and identifying cyber-related incidents. Making accusations without prove is malicious smear."

The spokesperson said New Zealand should abandon "Cold War mentality" and be "professional and responsible" when handling cyber incidents, rather than "manipulating political issues under the pretext of cyber security and mudslinging at others". 

read more
NZ 'sleep-walked' into conflict between China and allies - expert

In March, it was feared hundreds and thousands of private and public sector organisations who used Microsoft Exchange email software could have been compromised. AUT computer science professor Dave Parry told RNZ at the time hackers could have used the vulnerabilities of the software to steal intellectual property or take information for blackmail. 

The GCSB said about 30 per cent of serious malicious cyber activity in New Zealand "contains indicators" that it can be linked to various state-sponsored actors.