New Zealand Warns Of Impending Mass Hacking Operation

Uploaded on 2024-12-09 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

New Zealand’s national cyber security agency (NCSC-NZ)  is warning about a mass hacking operation underway and perpetrated by the Chinese state-sponsored Salt Typhoon hacking group. This operation is similar in scope to the recent attack on US telecoms services, which succeeded in listening  to telephone conversations, intercepting text messages and stealing user data.

The NCSC-NZ has published its advisory following detailed consultation with US cyber security agencies, following their recent warning that  Salt Typhoon has penetrated leading telecoms and broadband operation across the USA.

"This advisory details the best protection against a People’s Republic of China… that has compromised networks of major global telecommunications providers... New Zealand organisations operate similar networks to our international partners so we encourage New Zealand telecommunications and other organisations with on-premises enterprise equipment to apply the best practices outlined in this guide."

The US exploit has resulted has generated a high level of concern following classified briefings to the US President Joe Biden and Senators by the security agencies. An unnamed US  official told reporters that, "We do not believe it's every cell phone in the country, but we believe it's potentially a large number of individuals that the Chinese government was focused on." 

The leading US mobile operator Verizon said it became aware several weeks ago that a "highly sophisticated" attack had got into its networks. According to  US Senator Rick Scott, who attended the Presidential briefing, "They have not told us why they didn't catch it; what they could have done to prevent it,"

The NCSC-NZ  advisory is the latest of several such warnings  about cyber attacks against New Zealand's infrastructure and institutions which  the government has blamed on  China.

NCSC-NZ   |   GCSB   |   RNZ   |   CISA   |   New Zealand Govt.   |    Washington Post   

Image: Astrid Querubin

You Might Also Read: 

New Zealand Health Service Under Attack

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« TikTok Will Be Banned In The USA
The Critical Priorities For CIOs In 2025 »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ThreatQuotient

ThreatQuotient

ThreatQuotient delivers an open and extensible threat intelligence platform to provide defenders the context, customization and collaboration needed for increased security effectiveness.

Seekurity

Seekurity

Seekurity is an information security consulting firm specialized in all areas of Cyber Security including Penetration Testing, Vulnerability Assessments and Risk Management.

Vanbreda

Vanbreda

Vanbreda Risk & Benefits is the largest independent insurance broker and risk consultant in Belgium and the leading insurance partner in the Benelux.

Prompt

Prompt

Prompt supports the creation of partnerships and the setting up of industrial-institutional applied R&D projects for all ICT sectors.

Trust Stamp

Trust Stamp

Trust Stamp provide Identity and Trust as a Service to answer two fundamental questions: “Who are you?” and “Do I trust you?"

Socure

Socure

Socure’s identity verification increases auto approval rates, reduces false positives and captures more fraud. In real time.

Seadot Cybersecurity

Seadot Cybersecurity

Seadot offer cybersecurity services to organizations with a high demand for regulatory compliance and security.

Technisanct

Technisanct

Technisanct works with Governments, especially Law Enforcement and Defence agencies, helping them in monitoring threats, managing their data and resolving their forensic needs.

Cyber Chasse

Cyber Chasse

Cyber Chasse is an IT consulting and staffing company offering a full range of cybersecurity solutions, contract staffing services and online training courses.

Pathlock

Pathlock

Pathlock (formerly Greenlight) help enterprises and organizations automate the enforcement of any process, access, or IT general control, for any business application.

Lab 1

Lab 1

Lab 1 turns criminal data breaches and attacks into insights. Get alerts of data breaches or ransomware attack incidents as they happen.

Cyber & Data Protection

Cyber & Data Protection

Cyber & Data Protection Limited supports Charities, Educational Trusts and Private Schools, Hospitality and Legal organisations by keeping their data secure and usable.

Sasken Technologies

Sasken Technologies

Sasken’s Cybersecurity Services enables enterprises to develop, maintain, and take digital products to the market with security postures that empower operational excellence.

Boldend

Boldend

Boldend offers leading-edge offensive and defensive cybersecurity solutions that empower government and commercial organizations to stay resilient in an evolving threat landscape.

Softanics

Softanics

Softanics’ ArmDot protects .NET apps with advanced obfuscation, control flow protection, and virtualization, securing code against reverse engineering without requiring agents or environment changes.

Cloud Native Computing Foundation (CNCF)

Cloud Native Computing Foundation (CNCF)

CNCF seeks to drive adoption of cloud native technologies by fostering and sustaining an ecosystem of open source, vendor-neutral projects.