A Tongan cybersecurity expert says the country’s health data hack is a “wake-up call” for the whole region.

Siosaia Vaipuna, a former director of Tonga’s cybersecurity agency, spoke to RNZ Pacific in the wake of the June 15 cyberattack on the country’s Health Ministry.

Vaipuna said Tonga and other Pacific nations were vulnerable to data breaches due to the lack of awareness and cybersecurity systems in the region.

“There’s increasing digital connectivity in the region, and we’re sort of . . . the newcomers to the internet,” he said.

“I think the connectivity is moving faster than the online safety awareness activity [and] that makes not just Tonga, but the Pacific more vulnerable and targeted.”

Since the data breach, the Tongan government has said “a small amount” of information from the attack was published online. This included confidential information, it said in a statement.

Reporting on the attack has also attributed the breach to the group Inc Ransomware.

Vaipuna said the group was well-known and had previously focused on targeting organisations in Europe and the US.

New Zealand attack
However, earlier this month, it targeted the Waiwhetū health organisation in Aotearoa New Zealand. That attack reportedly included the theft of patient consent forms and education and training data.

“This type of criminal group usually employs a double-extortion tactic,” Vaipuna said.

It could encrypt data and then demand money to decrypt, he said.

“The other ransom is where they are demanding payment so that they don’t release the information that they hold to the public or sell it on to other cybercriminals.”

In the current Tonga cyberattack, media reports say that Inc Ransomware wanted a ransom of US$1 million for the information it accessed. The Tongan government has said it has not paid anything.

Vaipuna said more needed to be done to raise awareness in the region around cybersecurity and online safety systems, particularly among government departments.

“I think this is a wake-up call. The cyberattacks are not just happening in movies or on the news or somewhere else, they are actually happening right on our doorstep and impacting on our people.

Extra vigilance warning
“And the right attention and resources should rightfully be allocated to the organisations and to teams that are tasked with dealing with cybersecurity matters.”

The Tongan government has also warned people to be extra vigilant when online.

It said more information accessed in the cyberattack may be published online, and that may include patient information and medical records.

“Our biggest concern is for vulnerable groups of people who are most acutely impacted by information breaches of this kind,” the government said.

It said that it would contact these people directly.

The country’s ongoing response was also being aided by experts from Australia’s special cyberattack team.

This article is republished under a community partnership agreement with RNZ.

Article by AsiaPacificReport.nz

However, the Prime Minister said that the government’s robust firewall security systems were able to fend off these attempts.

Brown revealed this while speaking in support of the Financial Transactions Reporting Amendment Bill 2024, which was passed in Parliament last week.

The hacking attempts from overseas had, however, affected a couple of local companies in the hospitality industry in which their systems were compromised, he said.

“We were able to provide support to reduce any damage caused by these cyber security threats,” Brown said.

The Financial Transactions Reporting Amendment Bill’s primary purpose is to implement the recommended actions put forth by the Global Forum on Transparency and the Exchange of Information for Tax Purposes.

This Forum conducts peer reviews and assessments across over 130 jurisdictions in which Cook Islands is a member of. The aim of these reviews is to evaluate the country’s ability to cooperate effectively with established standards, Brown explained.

‘Increasing collaboration’
“The financial transactions reporting requirements that our country have signed up to is an example of the increasing collaboration among international jurisdictions to share information. Additionally, the need to protect the integrity of our financial centres and enhance our cybersecurity measures will only intensify as the world increasingly moves toward digital currencies.

“Our initial peer reviews took place in 2017, and the Cook Islands received a very positive rating for its capacity to exchange information.

“In light of the subsequent growth and improvements in both the quality and quantity of information exchanges, as well as enhancements to the standards themselves, a second round of assessment was initiated just last year. This latest round includes a legal framework assessment and peer reviews that also cover technical, operational, and information security aspects.”

Brown said that during this process several gaps in the legal framework were identified, and the Global Forum provided recommendations aimed at helping the country maintain a positive rating.

He said Cook Islands is required to address these recommendations by implementing the necessary legislative amendments by the 31st of this month in order to qualify for another round of onsite assessments and reviews in 2025.

The Prime Minister said the security of information is very important, and the security of tax information, in particular, is of significant importance to the Global Forum.

He added that some of the areas identified for improvement extend beyond legislative requirements.

Security codes
“For example, all doors in the RMD (Revenue Management Division) office that hold tax information must have security codes. The staff that work there must have proper identification cards with ID cards to swipe and allow access to these rooms,” Brown said.

“It is a big change from how our public service has operated for many years and maybe we do not see the actual need for this level of security. However, the Global Forum has its standards to maintain and we are obligated to maintain those standards, so we must follow suit.

“Not only that but now there’s also a requirement for proper due diligence to be conducted on employees or people who will work inside these departments. It is these sorts of requirements that compels us in our government agencies, many of them now to change the way we do things and to be mindful of increased security measures that are being imposed on our country. ”

Justice Minister Vaine “Mac” Mokoroa, who presented the Bill to Parliament, said: “The key concern here is to ensure that the Cook Islands continues to be a leader in the trust industry . . .  our International Trust Act has been at the forefront of the Cook Islands Offshore Financial Services Industry since its enactment 40 years ago, establishing the Cook Islands as a leader in wealth protection and preservation.”

“At that time, these laws were seen as innovative and ground-breaking, and their success is evident in the growth and development of the sector, as well as in the number of jurisdictions that have copied them, either in whole or in part.”

Mokoroa said that the Cook Islands Trust Companies Association, which comprises seven Trustee Companies licensed under the Trustee Companies Act, along with the Financial Supervisory Commission, conducted a thorough review of the International Trust Act and recommended necessary changes. These changes were reflected in the Financial Transactions Reporting Amendment Bill.

Republished from the Cook Islands News with permission.

Article by AsiaPacificReport.nz

The Daily Blog, New Zealand’s most important leftwing website of news, views and analyses at the heart of the country’s most conservative mediascape in years, has been hacked.

It was silenced yesterday for several hours but is back up and running today.

The Daily Blog editor and founder Martyn Bradbury launched the website in 2013 with the primary objective of “widening political debate” in the lead up to the 2014 New Zealand election.

Since then, the website has united more than “42 of the country’s leading leftwing commentators and progressive opinion shapers to provide the other side of the story on today’s news, media and political agendas”.

It has 400,000 pageviews a month.

“These moments are always a mix of infuriation and terror”, admitted Bradbury in an editorial today about the revived website and he raised several suspected nations for “cyber attack trends” such as “China, Israel and Russia”.

Bradbury, nicknamed “Bomber” by a former Craccum editor at Victoria University of Wellington, was once branded by the NZ Listener magazine as the “most opinionated man in New Zealand”

The website includes columns by such outspoken writers and critics as law professor Jane Kelsey, Green Party co-leader Marama Davidson, Palestinian human rights advocate and quality education critic John Minto, political scientist Dr Wayne Hope, social justice academic and former leftwing politician Sue Bradford, and political analyst Morgan Godfery.

It also hosts the popular live podcasts by The Working Group, which tonight features pre-budget “Economists of the Apocalypse Special” by Bradbury, with Matthew Hooton, Damien Grant and Brad Olson at 7.30pm on its revived website.

‘Sophisticated and tricky’
Explaining why The Daily Blog was displaying a “maintenance page” for most of the day, Bradbury said in his editorial:

The hack was very sophisticated and very tricky.

Thank you to everyone who reached out, these moments are always a mix of infuriation and terror.

We can’t point the finger at who did it, but we can see trends.

Whenever we criticise China, we get cyber attacks.

Every time we criticise Israel, we get cyber attacks.

Every time we criticise Russia, we get cyber attacks.

Every time we post out how racist NZ is, we get stupid cyber attacks.

Every time we have a go at New Zealand First’s weird Qanon antivaxx culture war bullshit we get really dumb cyber attacks.

Every time we criticise woke overreach we get cancelled.

This hack on us yesterday was a lot more sophisticated and I would be surprised if it didn’t originate offshore.

We have a new page design up and running in the interim, there will be updates made to it for the rest of week as we iron out all the damage caused and tweak it for TDB readers.

You never know how important critical media voices are until you lose them!

Bradbury added that “obviously this all costs an arm and a leg being offline” and appealed to community donors to deposit into The Daily Blog’s bank account 12-3065-0133561-56.

The Daily Blog can be contacted here.

Article by AsiaPacificReport.nz

A View from Afar – In this podcast, political scientist Paul Buchanan and Selwyn Manning analyse the advent of new technologies and the rise of hybrid warfare.

In this episode, Buchanan and Manning take you on a journey into a world that exists all around us, no matter where we live. But, it’s fair to say, it’s a world few realise exists and few realise how it is effecting them.

With the technologies that surround us, tech that we use every day, it has become easy to conduct indirect or non-attributable warfare using a variety of means.

There’s the grey area phenomena where opponent states undermine adversaries from within, sowing distrust, or fear, where there should not be. The purpose is to weaken public trust and a population’s resolve to support their government.

In an extreme situation, this form of hostilities can escalate into hybrid warfare using indirect and direct means, from cyber offensives to firepower.

To illustrate the issue, we will draw on the build-up to the Russian invasion of Ukraine, and also evaluate other locations around the world where there is evidence of hybrid warfare.

It may surprise you to realise how close to home are real world examples of hybrid warfare.

You can comment on this debate by clicking on one of these social media channels and interacting in the social media’s comment area. Here are the links:

• Facebook.com/selwyn.manning
• Youtube
• Twitter.com/Selwyn_Manning

If you miss the LIVE Episode, you can see it as video-on-demand, and earlier episodes too, by checking out EveningReport.nz or, subscribe to the Evening Report podcast here.

The MIL Network’s podcast A View from Afar was Nominated as a Top  Defence Security Podcast by Threat.Technology – a London-based cyber security news publication.

Threat.Technology placed A View from Afar at 9th in its 20 Best Defence Security Podcasts of 2021 category. You can follow A View from Afar via our affiliate syndicators.

A View from Afar – In this podcast, political scientist Paul Buchanan and Selwyn Manning will analyse the advent of new technologies and the rise of hybrid warfare.

In this episode, we will take you on a journey into a world that exists all around us, no matter where we live. But, it’s fair to say, it’s a world few realise exists and few realise how it is effecting them.

With the technologies that surround us, tech that we use every day, it has become easy to conduct indirect or non-attributable warfare using a variety of means.

There’s the grey area phenomena where opponent states undermine adversaries from within, sowing distrust, or fear, where there should not be. The purpose is to weaken public trust and a population’s resolve to support their government.

In an extreme situation, this form of hostilities can escalate into hybrid warfare using indirect and direct means, from cyber offensives to firepower.

To illustrate the issue, we will draw on the build-up to the Russian invasion of Ukraine, and also evaluate other locations around the world where there is evidence of hybrid warfare.

It may surprise you to realise how close to home are real world examples of hybrid warfare.

Join Paul and Selwyn for this LIVE recording of this podcast while they consider these big issues, and remember any comments you make while live can be included in this programme.

You can comment on this debate by clicking on one of these social media channels and interacting in the social media’s comment area. Here are the links:

• Facebook.com/selwyn.manning
• Youtube
• Twitter.com/Selwyn_Manning

If you miss the LIVE Episode, you can see it as video-on-demand, and earlier episodes too, by checking out EveningReport.nz or, subscribe to the Evening Report podcast here.

The MIL Network’s podcast A View from Afar was Nominated as a Top  Defence Security Podcast by Threat.Technology – a London-based cyber security news publication.

Threat.Technology placed A View from Afar at 9th in its 20 Best Defence Security Podcasts of 2021 category. You can follow A View from Afar via our affiliate syndicators.

Aotearoa New Zealand makes up a small portion of the world’s population, yet the country is being hit by a relatively bigger share of cyber attacks.

Chances are, you’re familiar with the term ‘distributed denial of service (DDoS) attack’. Not because your organisation has been subjected to one, but instead, the recent numerous, high profile attacks on local and global businesses have captured your attention.

With cyber attacks ramping up across the globe and Aotearoa New Zealand an attractive target, every business—no matter the size—must put protections in place.

What’s a DDoS attack?

Designed to disrupt the normal function of a server, DDoS attacks harness compromised computers and hardware like Internet of Things (IoT) devices to flood the target or its surrounding infrastructure with traffic. This influx can slow down or overwhelm a website or service, denying access to genuine traffic.

DDoS attacks are on the rise across the world, with attackers using different styles of malicious activity to take down websites and even using them as an attempt to extort money. Businesses from all industries were victims of ransom DDoS (RDDoS) attacks in 2021, and Q4 saw a 29% YoY and 177% QoQ increase.

New Zealand is a prime target

Only three active undersea submarine cables connect Aotearoa New Zealand to the outside world. In comparison to the rest of the world, this relatively small number makes it easier for the country’s networks to be overwhelmed.

In fact, the National Cyber Security Centre (NCSC) reported an increase in criminal or financially motivated actors with a significant national impact or potential to cause serious harm in its 2020-21 threat report (27% compared to 14% the year prior).

A spate of high profile, local businesses experienced repeated DDoS attacks over the last 18 months—from Vocus to one coordinated attack on NZ Post, MetService, Kiwibank, ANZ and Inland Revenue.

However, it is critical to note that organisations of any size can fall victim to a DDoS or RDDoS attack. No business is immune, and the impacts can be significant.

How can businesses prevent these types of attacks?

Most organisations in Aotearoa New Zealand are still trying to protect themselves using traditional security measures that are no match for a burgeoning tide of bots, ready to be mobilised against them in a few strokes of a keyboard.

While this might sound daunting, implementing good cyber security protections against DDoS attacks does not need to be.

1. Speak with your network provider to understand what DDoS mitigation services they offer and how much traffic they can mitigate before your organisation is affected. This is an added service for some providers, while others might charge surge pricing in the unlucky instance that your website is bombarded with traffic during a DDoS attack.
2. Ramp up your front-line protection. Engage a provider with specially designed network equipment or a cloud-based protection service to mitigate your business from incoming threats. Here, it’s essential to consider the potential risk to your company and consider the scalability, flexibility, reliability and network size of potential providers. For example, large-scale attacks have the potential to take out on-site network infrastructure, while cloud-based solutions can scale when mitigating attacks.

3. Create a DDoS attack incident response plan. The overwhelming nature of a DDoS attack can take out multiple systems and services, not just your website. And in the moment, it’s easy for panic to set in. Be proactive, create a dedicated DDoS incident response plan, and conduct exercises to ensure its effectiveness.

4. Regularly patch your systems, software and hardware. Developers regularly release updates to decrease or eliminate vulnerabilities in software. Applying these patches to operating systems, applications, and all network-connected devices in real-time is the simplest way to mitigate a cyber security attack. There’s a reason why patching is CERT NZ’s top critical control to protect organisations from being breached—don’t leave your business wide open.

A View from Afar – In this podcast, political scientist Paul Buchanan and Selwyn Manning will consider and analyse the most significant global issues that define 2021. The topics will include:

– Leadership: Trump, Putin, Xi, Biden,

– Pandemic: Impact of Covid-19 & variants on global security

– Security: Afghanistan, AUKUS, Autonomous Weapons, Cyber-Hackers/Attackers.

Join Paul and Selwyn for this LIVE recording of this podcast while they consider these big issues, and remember any comments you make while live can be included in this programme.

You can comment on this debate by clicking on one of these social media channels and interacting in the social media’s comment area. Here are the links:

• Facebook.com/selwyn.manning
• Youtube
• Twitter.com/Selwyn_Manning

If you miss the LIVE Episode, you can see it as video-on-demand, and earlier episodes too, by checking out EveningReport.nz or, subscribe to the Evening Report podcast here.

The MIL Network’s podcast A View from Afar was Nominated as a Top  Defence Security Podcast by Threat.Technology – a London-based cyber security news publication.

Threat.Technology placed A View from Afar at 9th in its 20 Best Defence Security Podcasts of 2021 category. You can follow A View from Afar via our affiliate syndicators.

The Papua New Guinea government’s financial hub was hit by computer hackers last week, holding state officials at ransom, reports have revealed.

The ransomware attack on the Department of Finance’s Integrated Financial Management System (IFMS) happened last Thursday, locking out government workers who use the system to run the country’s entire financial system.

The Acting Treasurer, Finance Minister Sir John Pundari, confirmed the hacking but told the PNG Post-Courier that the system had been restored and no ransom was paid.

Sir John said workers were using a temporary accounting system after the IFMS was hit last week but did not reveal the real extent of the damage, saying only that the hackers did not steal anything.

However, they had damaged a system that now puts PNG’s national security at risk.

This is the first time the country’s central financial hub has been hit to such an extent.

Ransomware is a collection of malicious software variants, including viruses, designed by hackers to cause extensive damage or gain unauthorised access to computer networks.

‘Cyber-attack on core server’
“The Government Financial System suffered a cyber-attack in the form of ransomware infiltrating our core server at 1am on Friday, 22 of October 2021,” Sir John said.

“As a result of the ransomware infiltration, the Department of Finance’s IT network was compromised. The department immediately took precautionary steps by closing down the network systems.

“The department has now managed to fully restore the system, however, because of the risk we are playing it safe by not allowing full usage of the affected network.

“While we progress cleaning up the server environment, we have put in temporary measures.

“These include all government departments and agencies having access to commit and process cheques using a controlled environment in Vulupindi Haus.

“All provinces and districts will also have access to commit funds, through a controlled temporary arrangement.

‘Full restored’
“The department is conscious of the security and integrity of its data, thus, restoration of services to all government agencies, including at the sub-national level will be done gradually, bearing in mind the security of individual networks, so as not to compromise or allow any further spread of this malware or other viruses.

“At this stage I wish to state clearly that the government financial system has been fully restored.

“Department of Finance did not pay any ransom to the hacker or any of its third party agents. We have managed to restore normalcy.

“The government and the people of Papua New Guinea can be assured that the government’s financial services will continue as usual.”

Gorethy Kenneth is a senior PNG Post-Courier journalist. Republished with permission.

Article by AsiaPacificReport.nz

A View from Afar: Selwyn Manning and Paul Buchanan present this week’s podcast, A View from Afar with a deep-dive into cyber-attacks and hybrid warfare – Especially how 2021 has witnessed a Cold War II styled stand-off between global powers.

To re-cap, there has been:

• Allegations of a global-scale hack by the People’s Republic of China.
• There’s the Pegasus spyware scandal, where Israel has exported deep-tracking and targeting spyware to despots and authoritarian governments.
• Then there’s been the relatively silent mission-creep of Palantir as a Western-oriented Public Private Partnership-styled signals “facilitator”.

Paul and Selwyn discuss how all of this sets 2021 apart and adds up to an evolution of hybrid warfare capabilities.

You can comment on this debate by clicking on one of these social media channels and interacting in the social media’s comment area. Here are the links:

• Facebook.com/selwyn.manning
• Youtube
• Twitter.com/Selwyn_Manning

If you miss the LIVE Episode, you can see it as video-on-demand, and earlier episodes too, by checking out EveningReport.nz or, subscribe to the Evening Report podcast here.

The MIL Network’s podcast A View from Afar was Nominated as a Top  Defence Security Podcast by Threat.Technology – a London-based cyber security news publication.

Threat.Technology placed A View from Afar at 9th in its 20 Best Defence Security Podcasts of 2021 category. You can follow A View from Afar via our affiliate syndicators.

A View from Afar: Selwyn Manning and Paul Buchanan will present this week’s podcast, A View from Afar, LIVE at midday Thursday and will do a deep-dive into cyber-attacks and hybrid warfare – Especially how 2021 has witnessed a Cold War II styled stand-off between global powers.

To re-cap, there has been:

• Allegations of a global-scale hack by the People’s Republic of China.
• There’s the Pegasus spyware scandal, where Israel has exported deep-tracking and targeting spyware to despots and authoritarian governments.
• Then there’s been the relatively silent mission-creep of Palantir as a Western-oriented Public Private Partnership-styled signals “facilitator”.

Paul and Selwyn will discuss how all of this sets 2021 apart and adds up to an evolution of hybrid warfare capabilities.

WE INVITE YOU TO PARTICIPATE WHILE WE ARE LIVE WITH COMMENTS AND QUESTIONS IN THE RECORDING OF THIS PODCAST:

You can comment on this debate by clicking on one of these social media channels and interacting in the social media’s comment area. Here are the links:

• Facebook.com/selwyn.manning
• Youtube
• Twitter.com/Selwyn_Manning

If you miss the LIVE Episode, you can see it as video-on-demand, and earlier episodes too, by checking out EveningReport.nz or, subscribe to the Evening Report podcast here.

The MIL Network’s podcast A View from Afar was Nominated as a Top  Defence Security Podcast by Threat.Technology – a London-based cyber security news publication.

Threat.Technology placed A View from Afar at 9th in its 20 Best Defence Security Podcasts of 2021 category. You can follow A View from Afar via our affiliate syndicators.

New Zealand’s cyber security agency believes China has been behind numerous hack attacks spanning years.

The government joined Western allies and Japan in calling out Beijing for so-called state-sponsored hacks, including a major incursion in February when Microsoft email servers were targeted.

The US has charged four Chinese nationals — three security officials and one contract hacker — with targeting dozens of companies and government agencies in the United States and overseas under the cover of a tech company.

“What we do is when we see malicious cyber activity on New Zealand networks, that may be through our own capabilities that we have to help protect New Zealand networks or it may be something that’s reported to us, we look at the malware that’s used,” Government Communications Security Bureau Director-General Andrew Hampton told RNZ Checkpoint.

“We look at how the actor behaves. We look at who they might be targeting and what they do if they get onto a network.

“That allows us to build a bit of a picture of who the actor is. We then compare that with information that we receive, often from our intelligence partners who are also observing such activity.

“That allows us to make an assessment, and it’s always a probability assessment about who the actor is.

The APT 40 group
“In this case, because of the amount of information we’ve been able to access both from our own capabilities and from our partners, we’ve got a reasonably high level of confidence that the actor who we’ve seen undertaking this campaign over a number of years, and in particular, who was responsible for the Microsoft Exchange compromise, was the APT 40 group — Advanced Persistent Threat Group 40 — which has been identified as associated with the Chinese Ministry of State Security.

The RNZ National live stream.  Video: Checkpoint

“The actors here are state sponsored actors rather than what we would normally define as a criminal group. What we’re seeing here is a state sponsored actor likely to be motivated by a desire to steal information.”

Hampton said there was a blurring of lines between what a state agency does, and what a criminal group does.

“Some of the technical capabilities that previously only state organisations had, have now got into the hands of criminal groups.

“Also what we’ve seen in a range of countries is individuals who may work part-time in a government intelligence agency, and then may work part-time in a criminal enterprise. Or they may have previously worked in a state intelligence agency and are now out by themselves but still have links links back to the state.

“We don’t know the full detail of the nature of the relationship, but what we do know is the Ministry of State Security in China, for example, is a very large organisation with many thousands of of employees.

“So they are big organisations with people on their payroll but they also would have connections with other individuals and organisations.

Information shared with criminals
“Something else worth noting with regard to this most recent compromise involving the Microsoft Exchange, what we saw there is once the Ministry of State Security actors had identified the vulnerability and exploited it, they then shared that information with a range of other actors, including criminal groups, so they too could exploit it.

“This is obviously a real concern to see this type of behaviour occurring,” Hampton said.

All evidence showed the cyber attacks were all originating from mainland China, Hampton told Checkpoint.

He said such attacks would be aimed at stealing data or possibly positioning themselves on a system to be able to access information in the future.

“A common tactic we see, unfortunately, is there may be a vulnerability in a system,” Hampton said.

“It could be a generic vulnerability across all users of that particular system, and a malicious actor may become aware of that vulnerability, so they would use that to get onto the network.

“That doesn’t mean they will then start exfiltrating data from day one or something like that. They may just want to to sit there in the event that at some point in the future they may want to start doing that.

Malicious actors
“This exploitation of known vulnerabilities is a real concern. This is why all organisations need to keep their security patches up to date, because what can happen is you can have malicious actors use technology to scan whole countries to see who hasn’t updated their patches.

“They then use that vulnerability to get on the network and they may not do anything with it for some time. Or they might produce a list of all the organisations, say, in New Zealand who haven’t updated their patches.

“Then they make a decision – okay these are the four to five we want to further exploit.”

This article is republished under a community partnership agreement with RNZ.

Article by AsiaPacificReport.nz

A View from Afar: Selwyn Manning and Paul Buchanan present this week’s podcast, A View from Afar, where they analyse New Zealand’s national security strategy.

There has been no defence white paper since the John Key National-led governments and no comprehensive review of New Zealand’s strategic priorities, nor assessment of the region’s threat landscape both internal and external.

Now, with hybrid threats like cyberwarfare and terrorism adopting an “intermestic” (international and domestic) characteristic due to on-line recruitment and radicalisation, the perceived need is to develop a holistic national security strategy that addresses defence, security and intelligence needs of the 2020 decade.

But what does this all mean for New Zealand’s defence forces, intelligence community, and cyber-defence agencies?

ALSO: World Watch – The latest/recent round of elections in places like Peru, Mexico and Israel can be viewed as referendums on neoliberalism and national populism.

For example: You can see how Israel prime minister Benjamin Netanyahu has adopted Donald Trump-like rhetoric to describe his opponents.

A similar style has been used by the right wing in Peru as well as in Brazil.

The Peru election pits a socialist native Indian against Peru’s former dictator Fujimori’s daughter. She is a neoliberal conservative.

Both national populism and various socialist approaches have something in common: both ideologies reject neoliberal economic theory in principle and in fact.

With the left most likely to win the elections in Peru, and considering the challenges that Peru faces (including a pandemic where Covid-19 has raged through its communities positioning Peru as having suffered the highest recorded death rates in the world) the question begs, has neoliberalism run its course?

WE INVITE YOU TO PARTICIPATE WHILE WE ARE LIVE WITH COMMENTS AND QUESTIONS IN THE RECORDING OF THIS PODCAST:

You can comment on this debate by clicking on one of these social media channels and interacting in the social media’s comment area. Here are the links:

• Facebook.com/selwyn.manning
• Youtube
• Twitter.com/Selwyn_Manning

If you miss the LIVE Episode, you can see it as video-on-demand, and earlier episodes too, by checking out EveningReport.nz or, subscribe to the Evening Report podcast here.

The MIL Network’s podcast A View from Afar was Nominated as a Top  Defence Security Podcast by Threat.Technology – a London-based cyber security news publication.

Threat.Technology placed A View from Afar at 9th in its 20 Best Defence Security Podcasts of 2021 category. You can follow A View from Afar via our affiliate syndicators.

Click here to view onsite, or Twitter.com/Selwyn_Manning  or Facebook.com/selwyn.manning

—

Tonight, on Tech Now technology commentator Sarah Putt joins Selwyn Manning to check out what’s been happening in the tech world this week.

The show’s main points include:

What’s Happening in the Tech World?

• How and why international cyber attackers have New Zealand organisations in their sights?

• There are BIG Changes looming to how our Emergency services communicate. Why is this change coming? What’s the cost? And, what will it mean for you, and for first responders?

• Media Tech: Is print really dead? And, why is the New York Times a digital success story?

INTERACTION: Remember, if you are joining us LIVE via social media (SEE LINKS BELOW), you can make comments and even put Sarah on the spot with a few questions. We will be able to see your interaction, and include this in the LIVE show.

You can interact with the LIVE programme by joining these social media channels. Here are the links:

• Twitter.com/Selwyn_Manning
• Facebook.com/selwyn.manning
• Youtube

And, you can see video-on-demand of this show, and earlier episodes too, by checking out EveningReport.nz

The programme is the latest effort by EveningReport as it rolls out its public service webcasting programmes, produced by ER’s parent company Multimedia Investments Ltd.

ER’s Tech Now programme explores the latest tech trends both here in New Zealand and globally.

The programme’s format examines the tech world in the present and post-Covid-19 world. It looks at new innovations, what they mean to us as we grapple with the ‘new normal’. Tech Now also looks at the policy settings to see if they are a hindrance to progress or part of the solutions.

Evening Report’s Tech Now also includes audience participation, where the programme’s social media audiences can make comment and issue questions. The best of these can be selected and webcast in the programme LIVE.

Once the programme has concluded, it will automatically switch to video on demand so that those who have missed the programme, can watch it at a time of their convenience.

So join us on Facebook, Twitter, and Youtube as we will promote Tech Now via our social media channels and via web partners. It will also webcast live and on demand on EveningReport.nz, and other selected outlets.

Do bookmark EveningReport.nz and we look forward to you taking part in some robust live debate.

About Us: EveningReport.nz is based in Auckland city, New Zealand, is an associate member of the New Zealand Media Council, and is part of the MIL-OSI network, owned by its parent company Multimedia Investments Ltd (MIL) (MILNZ.co.nz).

EveningReport specialises in publishing independent analysis and features from a New Zealand juxtaposition, including global issues and geopolitics as it impacts on the countries and economies of Australasia and the Asia Pacific region.

The Government Communications Security Bureau (GCSB) has issued a warning to all New Zealand businesses to be prepared for cyber attacks, following almost a week of daily attacks on the New Zealand stock exchange (NZX).

The attacks have caused outages, sometimes for hours, of NZX’s public-facing website since Tuesday last week. This week, it continued trading under a new arrangement that allows it to post information to alternative platforms.

The attacks are part of worldwide malicious cyber activity and the government will likely share information via Interpol and government-to-government links, including the intelligence alliance know as Five Eyes.

The type of attack is known as a Distributed Denial of Service (DDoS). The attacker infects large numbers, often thousands or even millions, of computers with a virus that allows the attacker to instruct the infected computer – known as a “bot” – to send thousands of requests for data to the target.

In effect, this means millions of attempts to access a website at the same time. The website being attacked cannot respond to each one quickly enough so either it simply stops responding or responds to some but not all data requests.

Some people get the most up-to-date page and others don’t.

This is particularly damaging for financial information sites such as a stock market. They have a legal duty to give equal access to different users. They would normally shut down and stop trading for a while rather than allow some people to get information before others.

These attacks are not designed to steal data or do insider trading. They are generally set up to demand ransom from the victims, usually asking for thousands of dollars paid in bitcoin or another cryptocurrency which is effectively untraceable. Governments, terrorist organisations, political groups and even pranksters have also been known to use these attacks.

DDoS software is available on the dark web but also not very difficult to write. In many cases the people owning the bots will not be aware anything strange is happening.

The current attacks
Multi-day attacks have been rare but are becoming more common. The size of these attacks, including how many bots are used and their capacity to send requests, has been increasing.

Such multi-day attacks are potentially risky for the attackers as the defence team will be analysing the attacks, often using artificial intelligence tools, and should be able to respond more quickly to block illegitimate requests.

The defence against such attacks is based on being able to cope with the large number of requests, either by moving the website to a cloud-based system that can increase capacity quickly, or identifying bot requests and filtering them out by setting up a “whitelist” of legitimate users and excluding others.

This is normally done by firewalls at the level of each attacked entity, the internet service provider or, as in the case of New Zealand, at a country’s electronic border (for example, the Southern Cross trans-Pacific network of communications cables).

If an attack is coming from inside New Zealand, security software on the bot computer can normally remove the infection with up-to-date anti-virus software. Internet service providers can also detect this activity and may warn users or disconnect the infected machine until it is cleaned. But in this case, the attacks are coming from outside New Zealand.

The covid-19 pandemic means millions of people are working from home around the world, outside their normal corporate security, often using the family computer. Some people may be less careful about downloading software, particularly on illegal streaming sites, and may be using free or unsecured wifi networks. This makes infecting computers to turn them into bots much easier.

How to repond
Assuming this is a criminal gang, financial institutes are an attractive target. They rely on availability of service and potentially have money to pay ransoms.

In New Zealand, disaster management and recovery has tended to focus on responses to natural hazards rather than criminal activity. New Zealand does not have local cloud providers and expanding capacity is more difficult.

Even if NZX won’t pay a ransom, this attack is “advertising” for the criminal gangs that may act as “subcontactors” to larger criminal organisations.

The government’s aim will not be to catch the perpetrators in the short term but to share information on how to block the attacks. Normally the response is effective, but it can take some time to analyse details.

At the same time, other attacks (for example phishing to steal data) may use the confusion caused by the DDoS attacks to target potential victims. Organisations should encourage people to update their security software and remain vigilant.

In the future, as the internet of things (IoT) becomes more widespread, many billions of new devices will be connected to the internet. Security standards and forensic capability (storing data to analyse attacks) are not universal and there is a danger that these attacks will become more common and larger in scale.

Defence is possible
But defence is possible and both technical and policy approaches are getting better. Artificial intelligence tools for rapidly analysing attacks are the focus of research.

Support for governments in vulnerable areas is also increasing to enforce international agreements, clarify local law and share information between network providers. For example, Macau recently introduced a much tougher cyber security law which seems to have been very effective.

Dr Dave Parry is head of the Department of Computer Science, Auckland University of Technology. This article is republished from The Conversation under a Creative Commons licence. Read the original article.

Article by AsiaPacificReport.nz

For the best overall guide to what has happened in the Budget leak/hack scandal, see the just-published article by Henry Cooke: What we know and don’t know about the Budget ‘hack’. Amongst his rundown on the background to the scandal and the theories offered so far, Cooke points out that, rather than being hacked, the Treasury website might simply have been scanned by Google, allowing a cache of pages to become available to someone who has handed them on to the National Party.

Another leading explanation for how the Treasury’s Budget information was released early to National comes down to a simple but obvious idea that parliamentary staffers looked for and found the information on the Treasury website. This would also explain how National leader Simon Bridges could be so categorical in his insistence that his scoops weren’t based on hacking or illegality.

According to this theory, National had one of its Parliamentary staffers monitoring the Treasury website in the days leading up to Budget Day, constantly using the frontpage search bar on the site to look for “Budget 2019”. The hope being that at some stage some Budget documents would be loaded onto the site momentarily, in anticipation of Thursday’s publication, before they were then locked away for safety.

The story goes that by searching every five minutes or so, the National staffer eventually hit the jackpot when documents or pages turned up with the goods. It might have taken hundreds or even thousands of searches over a couple of days.

In fact, National Party pollster and blogger David Farrar has outlined a similar scenario based on his previous experience as a parliamentary staffer: “when I worked for the Opposition in 2000 or 2001, I recall waiting for the Government to release the Police crime stats. They always put a positive spin on it. I went to the Police website and looked at last year’s stats. I also looked at the previous year. They had the same URL format. I changed the year to the current one, and hey presto I had the official crime states four hours before the Government was due to release them” – see: My guess as to what happened.

Farrar argues that something similar may have happened, and it therefore wouldn’t constitute hacking: “So my guess is something similar has happened. That possibly the material was put up on a website of some sort and someone found it. Treasury are calling it hacking because they didn’t think it was open to the public. But there is a difference between hacking a secure computer system, and locating information that is on the Internet (even if hidden). Was there any cracking of passwords for example?”

But do such explanations fit with what Treasury are saying when they claim that their site has been “deliberately and systematically hacked”? It’s arguable either way. Certainly, some tech-specialists seem to think that something much more sophisticated must have happened – especially based on the fact that Treasury has called in the Police. For one of the most in-depth discussions of the potential hacking, see John Anthony’s Budget 2019: ‘They’ll remember it as the budget that got hacked’.

Despite some tech specialists believing that a sophisticated hack has occurred, one expert believes a software application might have simply found the material on the Treasury website: “Kiwi cyber security consultancy Darkscope technical director Joerg Buss said a likely scenario was that someone used a ‘spider or crawler’ program to find hidden content in the Treasury website. Such software may have uncovered Budget 2019 files which had not been protected properly, he said.”

It could also be as simple as using Google to search for the material, which is covered by Juha Saarinen in his article, Conspiracy or cock-up? Strong evidence Treasury published Budget accidentally – rather than a hack. He says that “screenshots of the results from a Google search for ‘estimates of appropriation 2019/2020’ are circulating on Twitter suggest that the data was published accidentally.”

Of course, the fact that Treasury has called in the Police would suggest that the government department believes that something much more sinister or malevolent has occurred. However, care needs to be taken in reading too much into this – especially since the Police haven’t even confirmed that they have agreed to investigate, except to say that they are assessing Treasury’s request.

Furthermore, whenever governments and officials call in the police or make claims that criminal actions have occurred in the political sphere, we should always be very sceptical. It’s the oldest trick in the bureaucratic book – to divert attention or to impugn an opponent with charges that they are mixed up in criminal activity. That’s not necessarily the case over the controversial budget leaks – it’s still far too early to tell what has happened.

This is certainly the argument made today by leftwing blogger No Right Turn, who suggests that government officials have a tendency, when they’ve made mistakes, to try to point the finger elsewhere, often using rather draconian measures to do so – see: Treasury, “hacking”, and incentives.

Here’s his main point about how politicians and officials are inclined to bring the police into politics: “Unfortunately the natural instincts of power in New Zealand are to double down rather than admit a mistake, and to call in the police when embarrassed – just look at the tea tape, or Dirty Politics. With those, we saw police raiding newsrooms and journalist’s homes. I’m wondering if we’re going to see police raiding the opposition this time. Which would be highly damaging to our democracy.”

The blogger says that “the bureaucratic incentive towards arse-covering and blame-avoidance pushes that to be reclassified as nefarious ‘hacking’, and that incentive gets stronger the higher up the chain (and the further away from IT knowledge) you get.”

Here’s his own explanation for the release of the information: “The most likely scenario is that Treasury f**ked up and left them lying around on their web-server for anyone to read, and National or one of its proxies noticed this and exploited it. Accessing unprotected data on a public web-server isn’t ‘hacking’ in any sense of the word – it’s just browsing.”

The onus is therefore on the Treasury to be much more transparent about what has happened writes Danyl Mclauchlan, saying a “brief technical explanation about what the ‘hack’ amounted to would be a lot more useful than all the bluster and nebulous waffle we’ve heard so far” – see: Budget hacking scandal: About time Treasury told us what actually happened.

Mclauchlan says that if it turns out that the leak has simply come from information on the Treasury website, “then we’ll be talking about the resignation of the Treasury Secretary, rather than National Party leader.”

The No Right Turn blogger doesn’t see the Government delivering such transparency any time soon: “neither Treasury nor their Minister has any interest in that (Ministers are rarely interested in incompetence in their own agencies, because it makes them look bad for allowing it). As for us, the public, we’re the loser, stuck with an incompetent, arse-covering public agency which has just failed on one of its most important tasks” – see: Treasury owes us answers.

He argues that the decision to go to the Police means that Treasury can now sidestep such accountability: “conveniently, by referring the matter to the police Treasury has ensured that they can never do that. It might prejudice the police investigation, you see. OIA requests can be refused to avoid prejudice to the maintenance of the law, and anyone who actually tells anyone anything can be prosecuted. Accountability of course goes out the window”.

That doesn’t get National off the hook, however, if the party has done something illegal in the way they have procured or used the Budget information. One lawyer who knows a lot about hacks is Steven Price, and he argues that the release by National of the information was not in “the public interest”, and that it appears to have “broken the law relating to Breach of Confidence” – see: Budget leak: Nats’ behaviour “entirely appropriate”?

Price says that he is “irritated at the sanctimoniousness of Simon Bridges’ denial that the Nats had done ‘anything approaching’ illegality.” He does admit however, that if National have obtained the Budget information “through some area of Treasury’s (or some other government) website that was technically publicly accessible, then that would at least raise arguments that it wasn’t confidential in the first place, because it was in the public domain.”

Herald political editor Audrey Young is also less than impressed with how Bridges has dealt with the matter today, saying: “Simon Bridges needed to do two things today when he fronted the news media about allegations of hacking Treasury and he did neither. He needed to say, at least in general terms, how he received the leak of Budget of documents. And he needed to say he had contacted the police to offer them any assistance they needed in their investigation” – see: Simon Bridges needed to do two things today and he did neither.

But for another view on the politics of it all, and an explanation of why Bridges’ manoeuvres have been smart, see Brigitte Morten’s National plays strong hand over politics jackpot. She argues that it’s in the public interest for National to be able to dispute the Government’s narrative over Budget spending, and to be able to point out the “lower than expected spending” in areas such as health “that the government doesn’t want you to reflect on.”

Finally, for a recent minor – but extremely colourful – Treasury controversy, involving the use of a transformative wellbeing experiment for staff, see Danyl Mclauchlan’s must-read investigation: Peace, Rest and the Monkey Emoji Moon: playing Heartwork cards at Treasury.