By TOM PULLAR-STRECKER
The Dominion Post
03 March 2008
Government security agency GCSB has confirmed it has stepped up efforts
to ensure government agencies don't inadvertently buy hardware
It says classified information could be at risk if computer networking
equipment was purchased from non-trusted sources.
A spokesman says GCSB has both voluntary guidelines and mandatory rules
that require equipment to adhere to certain international standards,
depending on the level of classified information they may handle.
While there has been no change in policy, GCSB has become more
"prescriptive" in applying those rules, the spokesman says.
The spokesman says there was no specific incident that had prompted
"We have got to be really careful in today's environment, and we see the
need to step up to that environment.
"It is a very complex world out there and it is changing day to day and
the threats are coming from multiple directions."
Industry magazine Computerworld reported that the "beefed up" policy
prevented the purchase of equipment manufactured in China, which has
been accused of engaging in electronic espionage, and other unnamed
The GCSB spokesman says the security agency's guidelines do not prevent
equipment from China from being used to handle lower levels of
He would not say whether, in practice, that was the case with more
sensitive material, but says GCSB does not "single out" any countries.
"The policy itself does not say which countries we can and can't
purchase components from."
The spokesman would not speculate on whether government agencies might
be discouraged in some circumstances from using a new mobile phone
network that is being built by NZ Communications with the assistance of
Chinese network equipment giant Huawei.
Industry analyst Ovum last week said that Huawei's aggressive expansion
into the global network equipment market had "struck fear into the
hearts of the established equipment providers."
The company was emerging as a serious force in the software market with
software sales last year of US$1.4 billion, it said.
In May last year, Germany's domestic intelligence service discovered
computers in the office of the German chancellor, Angela Merkel, and
other ministries had been hacked, suspecting China's People's Liberation
Army of involvement.
German magazine Der Spiegel reported that the incident triggered fears
in Germany that China might also have infiltrated the computer systems
of leading German businesses in order to steal technology secrets.
Subscribe to InfoSec News