Te Tiro Whānui a te Tumuaki Ahurei
It is my privilege to bring you our first Government Communications Security Bureau (GCSB) annual report since I took up the role of Director-General in October 2023. I’d like to begin by acknowledging the leadership of Bridget White, who led the GCSB as Acting Director-General for the first part of this reporting year.
The GCSB exists to help uphold New Zealand’s democratic way of life. This undertaking was brought into sharp focus this year when, together with impacted partners, the New Zealand Government called out the People’s Republic of China for an earlier intrusion into New Zealand’s Parliamentary digital network.
This state-sponsored cyber intrusion is emblematic of the evolving nature of our security environment. While quick actions by the affected organisations and the technical expertise of the National Cyber Security Centre (NCSC) limited the extent of this intrusion, cyber threats to New Zealand’s digital infrastructure are changing and growing. Together with our partners, we continue to defend against an increasingly complex array of threats.
Our operating environment across all of our work streams remains demanding. Geopolitical tensions continue to intensify as traditional great powers become increasingly polarised. Large-scale conflicts are taking place around the globe, including the illegal and unprovoked Russian invasion of Ukraine – now in its third year – and the Israel-Gaza conflict, which at the time of writing has the potential to spill into a yet broader conflict.
The pace of geopolitical deterioration in recent years, and its impact on the rules-based architecture, has placed a greater significance on the GCSB’s unique and legally mandated capabilities. Our mission is to provide our customers with intelligence advantage and cyber resilience to successfully navigate an unpredictable world. This means better understanding the implications of conflict, including displaced populations and humanitarian crises, the erosion of rules-based norms, disrupted supply chains and increased commodity prices. It also means understanding when some states are working counter to our values.
We also see activity of concern in our region. The Pacific faces a range of security issues, the most existential of which is climate change. However, we also note the familiar threats of transnational crime, corruption and foreign interference.
New Zealand’s national security is intrinsically connected to the Pacific region. The strong relationships New Zealand has across the Pacific are of great significance to us.
We are also focused on national security threats within our borders. Over the past year we have partnered with domestic agencies to help disrupt a range of threats targeting New Zealand, including foreign interference, transnational criminal operations and violent extremist threats.
The GCSB makes a unique and highly valued contribution to global counter-terrorism efforts, including assisting with the disruption of attack planning. In addition to formally designated terrorist entities, this work has also focussed on identity motivated violent extremists. As current global conflicts and tensions increase, our efforts to counter terrorism will likely rise.
An enduring function of the GCSB is to support the safety of New Zealanders overseas, where there is a national security nexus. This includes supporting the safety of New Zealand Defence Force (NZDF) personnel, some of whom are stationed in conflict zones. In the reporting year, New Zealand sent personnel to the United States-led coalition working to uphold maritime security in the Red Sea, while sustaining the deployments of other NZDF personnel to various commands in the Middle East.
Returning to our cyber security mission, in the reporting year we recorded 7,122 incidents, of which 343 had the potential to cause high impact at the national level. Of these, 32 percent indicated links to state-sponsored actors, while 19 percent were likely criminal or financially motivated. Similar to last year, the most significant incidents we recorded were predominantly associated with ransomware or other extortion activity. The other 6,779 incidents mostly affected individual New Zealanders or small to medium businesses. While these did not require specialist technical attention, they remain highly impactful for those they affect.
The publicly attributed PRC cyber-attack on New Zealand Parliamentary systems in 2021 underscores why New Zealand needs robust and resilient cyber security. Our capability to defend New Zealand against threats such as these is expanding. Alongside our CORTEX suite of services, our Malware Free Networks® (MFN) service provides real-time detection and disruption of cyber threats. This is delivered through third-party cyber security services, and internet and mobile providers. As at the end of this reporting year, MFN had clocked up more than 10 million malicious cyber disruptions since its launch in 2021. To date, it has protected New Zealanders from 5.5 million attempts to find and exploit vulnerabilities, 3.3 million phishing links, and 4,000 attempts to download malware.
Our mandate to build New Zealand’s cyber resilience to cyber-attacks also expanded this year. In July 2023, the Government announced the integration of New Zealand’s Computer Emergency Response Team (CERT NZ) with the GCSB to create a single lead operational cyber security agency for New Zealand. Prior to this integration, the NCSC’s support focused on government departments, key economic generators, niche exporters, research institutions and operators of critical infrastructure. With the integration of CERT NZ, our support is extended to a wide range of businesses, organisations and individuals who may be affected by cyber security incidents.
This reporting year, we stepped up our efforts to assist Pacific governments to bolster their cyber resilience. Our cyber security work now goes beyond our borders through our Pacific Partnership Programme, which provides cyber security support and capacity building, further strengthening resilience in the Pacific region.The cyber threats we face are evolving at a remarkable pace, and so too must the public sector’s approach to security as our digital infrastructure shifts further into a modern domain, and emerging technology, such as artificial intelligence and quantum computing play a larger role in our lives.
A critical part of the Government’s future digital infrastructure is nearing completion with the all-of-government data centre at RNZAF Base Auckland (Whenuapai). Once completed, we will operate the facility on behalf of a range of New Zealand Government agencies, assisting them to securely store their most protected information. This build helps strengthen not just the GCSB’s resilience but also that of other New Zealand Government agencies.
Resilience is a particular focus for us as we look to the future, not only in securing our information but in ensuring the GCSB is on financially sustainable footing. We have delivered Budget 2024 savings for the next financial year, and we have an agency-led programme in place to operate within our means.
Our ability to achieve our mission relies on our specialist intelligence and cyber security capabilities, our legal mandate, and our international and domestic partnerships. We must remain focussed and equipped to meet the challenges of a deteriorating international security environment.
Most of all though, our ability to achieve our mission depends on our diverse and talented workforce. Our people continue to demonstrate great resilience and stamina through several complex and challenging issues. To all those who have supported our mission this year, I thank you.
Ngā mihi nui,
Andrew Clark
Te Tumu Whakarae mō Te Tira Tiaki
Director-General of the GCSB