Andrew Hampton, director general of the Government Communications Security Bureau (GCSB), has joined international condemnation of last year's NotPetya cyber attack.
"While NotPetya masqueraded as a criminal ransomware campaign, its real purpose was to damage and disrupt systems,” said Hampton, after GCSB’s international partners today attributed the attack to the Russian government.
“Its primary targets were Ukrainian financial, energy and government sectors. However, NotPetya’s indiscriminate design caused it to spread around the world affecting these sectors world-wide."
NotPetya caused widespread damage and disruption to computer systems around the world last June.
Ukraine was hit particularly hard because, security researchers believed, the initial attacks were disguised in an automatic update to tax and accounting software used there.
"While there were no reports of NotPetya having a direct impact in New Zealand, it caused disruption to some organisations while they updated systems to protect themselves from it," Hampton said.
"This reinforces that New Zealand is not immune from this type of threat. In a globally connected world our relative geographic isolation offers no protection from cyber threats.
"We support the actions of our cyber security partners in calling out this sort of reckless and malicious cyber activity.”
In the 12 months to June 2017, nearly a third (122) of the 396 serious incidents recorded by the GCSB’s National Cyber Security Centre involved indicators that have previously been linked to state-sponsored actors.