New Zealand has joined the UK and other international partners in condemning malicious cyber activity conducted by the Russian Government.
Minister Responsible for the Government Communications Security Bureau, Judith Collins said the decision follows the UK’s attribution today of malicious cyber activity impacting its domestic democratic institutions and processes, as well as civil society organisations, to Russia’s Federal Security Service (FSB).
“New Zealand stands with the UK in calling out this behaviour,” Minister Collins said.
“New Zealand does not tolerate attempts to undermine the integrity of democratic institutions through cyber or any other means. NGOs and civil society organisations also play an important role in enabling social inclusion in our democracies, and any attempt to interfere with their ability to do that is unacceptable.
“Russia’s pattern of malicious cyber activity continues to demonstrate disregard for the framework of responsible state behaviour online and for the international rules-based order.
“This is a reminder to all New Zealand organisations to ensure they have strong cyber security measures in place and are protecting their data from all kinds of cyber harm.
“New Zealand condemns the unacceptable actions of Russian state actors and calls for all states to behave responsibly online,” she said.
The GCSB’s National Cyber Security Centre (NCSC) has issued a joint advisory warning of Russia-based actors carrying out targeted spear-phishing attacks for information-gathering purposes.
The new advisory formally attributes this activity for the first time and provides the latest threat information and mitigation advice to help reduce the chances of compromise.
The advisory has been issued in partnership with the UK National Cyber Security Centre (NCSC), US Cybersecurity and Infrastructure Security Agency (CISA), US Federal Bureau of Investigation (FBI), US National Security Agency (NSA), US Cyber National Mission Force (CNMF), Australian Cyber Security Centre (ACSC), and the Canadian Centre for Cyber Security (CCCS).
“This advisory, titled Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns, details the Russia-based actor Star Blizzard (formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie) continuing to successfully use spear-phishing attacks against targeted organisations and individuals in the UK, and other geographical areas of interest, for information-gathering activity,” NCSC said in a statement.
“The authoring agencies assess that Star Blizzard is almost certainly subordinate to the Russian Federal Security Service (FSB) Centre 18. Industry has previously published details of Star Blizzard, and this advisory draws on that body of information. This advisory raises awareness of the spear-phishing techniques Star Blizzard uses to target individuals and organisations.”
The advisory has been published on the NCSC’s website – www.ncsc.govt.nz.