GCSB points finger at China for cyber hacks

Without a suspected Chinese spy sitting in the New Zealand parliament Xi Jingping – China’s president – has apparently ordered his cyber spies to have a crack at infiltrating the computer networks of government departments and businesses across the country.

New Zealand’s spy agency – GCSB – says it has established links between Chinese state-sponsored actors known as Advanced Persistent Threat 40 (APT40) and malicious cyber activity.

“New Zealand is today joining other countries in strongly condemning this malicious activity undertaken by the Chinese Ministry of State Security (MSS) – both in New Zealand, and globally,” says MP Andrew Little, the minister responsible for GCSB (all those spies and he still can’t get into Pike River).

The GCSB claims Chinese state-sponsored actors were responsible for the exploitation of Microsoft Exchange vulnerabilities in New Zealand in early 2021.

Andrew Little
The Honourable Andrew Little MP.

“New Zealand joins international condemnation of the exploitation of the Microsoft Exchange platform by Chinese state-sponsored actors, and the widespread and reckless sharing of the vulnerability, which led to other cyber actors’ exploitation of it,” says Little.

“We call for an end to this type of malicious activity, which undermines global stability and security, and we urge China to take appropriate action in relation to such activity emanating from its territory.

“The GCSB’s National Cyber Security Centre (NCSC) has provided direct support to New Zealand organisations that have been affected by this malicious cyber activity. For both national security and commercial in confidence reasons, these organisations are not identified publicly.”

According to the GCSB, around 30% of serious malicious cyber activity against New Zealand organisations recorded by the NCSC contains indicators that can be linked to various state-sponsored actors.