GCSB sees potential for 'significant' malware disruption from Vodafone Cortex pilot
By Paul McBeth
Oct. 24 (BusinessDesk) - Vodafone New Zealand's pilot programme for the Government Communications Security Bureau showed
the Cortex technology could "significantly" dent malicious software incursions.
The country's second-biggest internet service provider launched the 'Malware-Free Networks' pilot by the GCSB last year,
using top-of-the-line technology to protect a small number of its commercial customers from a growing number of cyber
attacks. GCSB was scheduled to report back to Cabinet in the first quarter of this year with options for the future of
programme, with any extension needing ministerial approval.
"GCSB has provided a report to Cabinet on the Malware-Free Networks pilot indicating its potential to disrupt a
significant volume of malicious activity," a spokesman said in an emailed statement. "We are continuing to work with
Vodafone to maintain the Malware-Free Networks capability until a decision has been made about post-pilot options, and
will provide a further report back to Cabinet."
Malware threats accounted for about 17 percent of the government's Computer Emergency Response Team (Cert NZ) direct
responses in its three months of operation, the second most common category behind phishing.
Any potential extension will now fall to the new government, with Prime Minister-elect Jacinda Ardern indicating she
planned to take the intelligence portfolio, and ministers are expected to get their warrants on Thursday.
The GCSB had been keen to test its Cortex technology with an ISP since 2014, however, Cabinet wanted the intelligence
agency to report back before signing off on such a deal.
The Cortex system became public when former Prime Minister John Key declassified some documents in response to claims by
Intercept journalist Glenn Greenwald and former US National Security Agency contractor-turned-whistleblower fugitive
Edward Snowden that New Zealand's GCSB embarked on plans to implement mass metadata surveillance, including the tapping
of the Southern Cross Cable, in 2012 and 2013, in an initiative called 'Speargun'.
Project Cortex wasn't seen as causing material privacy issues, with controls including how data is access, stored,
shared and disposed of. The business plan said there will be no mass surveillance, and that data will be accessed by
GCSB only with the consent of owners of relevant networks or systems.