Computerworld

Early challenge for NZ’s new cyber security response team

Just a week after the announcement of its formation, New Zealand’s new National Computer Emergency Response Team (CERT) has been called on to help the nation respond to a global ransomware attack of epic proportions.

The National Cyber Security Centre (NCSC) said it was working with the newly established CERT NZ to help protect New Zealanders from the ransomware known as WannaCry.

On May 12 IT security news site The Hacker News reported what said was “believed to be the most massive ransomware delivery campaign to date … [hitting] computer systems of hundreds of private companies and public organisations across the globe.

It said the Ransomware in question had been identified as a variant of ransomware known as WannaCry (also known as 'Wana Decrypt0r,' 'WannaCryptor' or 'WCRY').

It added: “What's interesting about this ransomware is that WannaCry attackers are leveraging a Windows exploit harvested from the NSA called EternalBlue, which was dumped by the Shadow Brokers hacking group over a month ago. Microsoft released a patch for the vulnerability in March (MS17-010), but many users and organizations who did not patch their systems are open to attacks.”

The NCSC said it was taking steps to help increase the resilience of New Zealand’s nationally significant systems, adding “We are also working with CERT NZ to provide information on how individuals, small businesses and operators of larger systems can reduce their vulnerability to ransomware attacks.”

In a statement issued at 14:30 hrs on 13 May, the NCSC said neither it nor CERT NZ have received any reports of a New Zealand incidence of the attack, and it urged anyone suffering an attack to contact CERT on www.cert.govt.nz.

CERT’s formation was announced on 5 May by communications minister Amy Adams who said it would be established with funding of $22.2m from the 2016 budget and would be the central component of New Zealand’s cyber security architecture responsible for monitoring, tracking and advising on cyber security incidents or attacks affecting New Zealand.

She also called for nominations of people to sit on an advisory Board to provide advice on the establishment, ongoing operation and longer-term organisational form of CERT.