AOH :: ISNQ5314.HTM

GCSB confirms action on spyware

GCSB confirms action on spyware
GCSB confirms action on spyware


http://www.stuff.co.nz/stuff/4423845a28.html 

By TOM PULLAR-STRECKER 
The Dominion Post 
03 March 2008

Government security agency GCSB has confirmed it has stepped up efforts 
to ensure government agencies don't inadvertently buy hardware 
containing spyware.

It says classified information could be at risk if computer networking 
equipment was purchased from non-trusted sources.

A spokesman says GCSB has both voluntary guidelines and mandatory rules 
that require equipment to adhere to certain international standards, 
depending on the level of classified information they may handle.

While there has been no change in policy, GCSB has become more 
"prescriptive" in applying those rules, the spokesman says.

The spokesman says there was no specific incident that had prompted 
that.

"We have got to be really careful in today's environment, and we see the 
need to step up to that environment.

"It is a very complex world out there and it is changing day to day and 
the threats are coming from multiple directions."

Industry magazine Computerworld reported that the "beefed up" policy 
prevented the purchase of equipment manufactured in China, which has 
been accused of engaging in electronic espionage, and other unnamed 
countries.

The GCSB spokesman says the security agency's guidelines do not prevent 
equipment from China from being used to handle lower levels of 
classified information.

He would not say whether, in practice, that was the case with more 
sensitive material, but says GCSB does not "single out" any countries.

"The policy itself does not say which countries we can and can't 
purchase components from."

The spokesman would not speculate on whether government agencies might 
be discouraged in some circumstances from using a new mobile phone 
network that is being built by NZ Communications with the assistance of 
Chinese network equipment giant Huawei.

Industry analyst Ovum last week said that Huawei's aggressive expansion 
into the global network equipment market had "struck fear into the 
hearts of the established equipment providers."

The company was emerging as a serious force in the software market with 
software sales last year of US$1.4 billion, it said.

In May last year, Germany's domestic intelligence service discovered 
computers in the office of the German chancellor, Angela Merkel, and 
other ministries had been hacked, suspecting China's People's Liberation 
Army of involvement.

German magazine Der Spiegel reported that the incident triggered fears 
in Germany that China might also have infiltrated the computer systems 
of leading German businesses in order to steal technology secrets.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn

Site design & layout copyright © 1986- CodeGods