Under cyber attack
It’s been quite a fortnight on the cyber battlelines, with the NZX appearing to be in hand-to-hand combat with DDoS attackers who kept their website on and off-line for days on end. Several organisations were drawn onto the battlefield, although they didn’t seem to suffer from the same prolonged attack. The public commentary moved from being amazed that the NZX had fallen foul of a DDoS attack to a discussion about the increase in sophistication of what was once considered a very blunt instrument. Interesting observations about what the NZX might have been up against came from Darkscope over in Reseller News.
Mainstream media have kept pace with the attacks and reported each twist and turn, often accompanying their articles with a photo of a person in a hoodie, their face in shadows, and 0s and 1s floating around them. Conforming to the narrative that cyber crime is the preserve of precocious teenage hackers tapping away in their parent’s basement, acting out on the world because they didn’t get invited to the cool kids’ party.
OK, so maybe we exaggerate the narrative, but the point is that cyber criminals are mostly in it for the money, and they are getting really good at it because it pays.
Mention of money, is the government spending enough on combatting cyber crime? Especially when across the Tasman the Australian government there announced in June 2020 an AU$1.4 billion spend and the intention to recruit 500 cyber spies. Here’s what GCSB Minister Andrew Little had to say when we asked him:
New Zealand’s Cyber Security Strategy was reviewed and refreshed in July last year and investment is regularly reviewed as part of the government’s annual budget process.
The total GCSB budget for 2020-21 is $221.3 million. Budget 2020 saw the intelligence agencies receive an extra $146 million over the next four years, with just over $100 million allocated to the GCSB. Around half of this extra funding is to deliver new capabilities for the GCSB, including cyber security and the Government Chief Information Security Officer (GCISO) function. This funding increase followed a separate $50 million increase in Budget 2019.
Little notes that the GCSB’s role through the National Cyber Security Centre is to provide cyber security response services and advice to New Zealand organisations of national significance to protect their information systems from high-impact and advanced cyber-borne threats. Most of this advice is publicly available for any organisation to use.
Public cloud assault
Some of our largest and most high-profile companies are racing to the public cloud. Fonterra is picking Microsoft Azure, Bank of New Zealand is hedging its bets on both Azure and AWS, while Weta Digital has announced its going “all-in” with Amazon Web Services. Yep, the people that brought to life Middle Earth and forever changed the nation’s PR from being a “land of sheep” to a “land of hobbits” are moving to the AWS camp.
“By adopting AWS’s ultra-scale infrastructure, we can implement a proprietary cloud pipeline and globally scale our production to greater levels than ever before,” says Prem Akkaraju, CEO of Weta Digital in the official announcement. “AWS services, such as machine learning and data analytics, will help Weta deliver projects faster and more cost effectively, and our customers will enjoy the fruits of Weta Digital’s continuous innovation.”
Telco wars will not commence
A headline like “Mobile Termination Access Services to remain regulated for now” has the power to bring on a headache. Not because the regulation remains in place—but because there was some discussion that it might be removed. But buried in the final paragraph of the Commerce Commission’s media release is the explanation that by law it has to revisit this topic every five years to see if the regulation should be removed.
MTAS is the regulated wholesale rate that mobile telcos pay each other to terminate calls on their network. Before it was introduced, we saw the proliferation of ‘on-net’ calling, as customers were incentivised to stay on the same network. This led to Vodafone being dominant north of the Bombay Hills and Telecom (now Spark) dominant in the rest of the country—making it hard for a third player, 2degrees, to enter the market and provide some much-needed competition.
Many were the hours we spent in windowless conference rooms reporting on the arguments, as the telcos lawyered up and fought their side. We never want to go back there.