In our review of the NZ Governments press release stand on “Condemning Malicious Cyber Activity By Chinese State-sponsored Actors” was claimed to be carried out as a
robust technical attribution process in relation to this activity by our own GCSB say’s Andrew Little, Minister
Responsible for the Government Communications Security Bureau so we have to agree with the GCSB findings.
New Zealand is today joining other countries in strongly condemning this malicious activity undertaken by the Chinese
Ministry of State Security (MSS)
“The GCSB has worked through a robust technical attribution process in relation to this activity. New Zealand is today
joining other countries in strongly condemning this malicious activity undertaken by the Chinese Ministry of State
Security (MSS) – both in New Zealand, and globally,” Minister Responsible for the Government Communications Security
Bureau Andrew Little said.
“Separately, the GCSB has also confirmed Chinese state-sponsored actors were responsible for the exploitation of
Microsoft Exchange vulnerabilities in New Zealand in early 2021.
“New Zealand joins international condemnation of the exploitation of the Microsoft Exchange platform by Chinese
state-sponsored actors, and the widespread and reckless sharing of the vulnerability, which led to other cyber actors’
exploitation of it.
“We call for an end to this type of malicious activity, which undermines global stability and security, and we urge
China to take appropriate action in relation to such activity emanating from its territory” Andrew Little said.
“This reinforces the importance of organisations and individuals having strong cyber security measures in place.
“The GCSB’s National Cyber Security Centre (NCSC) has provided direct support to New Zealand organisations that have
been affected by this malicious cyber activity. For both national security and commercial in confidence reasons, these
organisations are not identified publicly," Andrew Little said.
CEAC condones this Government stand on protecting our independence “we all must resist any exploitation of the Microsoft Exchange platform by Chinese state-sponsored actors, and the
widespread and reckless sharing of our own vulnerability, which led to other cyber actors’ exploitation’s of it, at all
cost as our own future security of our citizens depends on it” as according to the GCSB, “around 30 per cent of serious
malicious cyber activity against New Zealand organisations recorded by the NCSC contains indicators that can be linked
to various state-sponsored actors”.
CEAC says “the takeaway is - this is a large deliberate widely planned attack into our security and we strongly condemn
those malicious activities as criminal activities, and all those perpetrators must be caught and punished”.