1
00:00:00,120 --> 00:00:04,000
Speaker 1: New Zealand Cyber Agency is warning twenty six thousand kiwis

2
00:00:04,000 --> 00:00:07,600
Speaker 1: that their computers have been infected with malicious software. The

3
00:00:07,680 --> 00:00:11,959
Speaker 1: National Cybersecurity Center or NCSC, which sent out the emails

4
00:00:11,960 --> 00:00:15,960
Speaker 1: today warning users about a possible infection. They say the

5
00:00:16,000 --> 00:00:19,600
Speaker 1: software has stolen sensitive information connected to bank accounts and

6
00:00:19,720 --> 00:00:22,680
Speaker 1: government systems. So what is it? Who got it? How

7
00:00:22,680 --> 00:00:26,560
Speaker 1: do we know? Patrick Sharp, general manager of AURA Information Security,

8
00:00:26,600 --> 00:00:28,560
Speaker 1: joins me. Now, Patrick, good afternoon.

9
00:00:28,880 --> 00:00:30,800
Speaker 2: Good afternoon, So how did this?

10
00:00:30,920 --> 00:00:33,000
Speaker 1: Can we go back to the beginning. Do we know

11
00:00:33,080 --> 00:00:37,400
Speaker 1: how this malware might have got into our systems, what

12
00:00:37,520 --> 00:00:40,000
Speaker 1: sort of email it or how it got in?

13
00:00:41,280 --> 00:00:44,279
Speaker 2: So this sort of malware can actually be delivered through

14
00:00:44,280 --> 00:00:48,639
Speaker 2: a range of different mechanisms. There is some mechanisms such

15
00:00:48,680 --> 00:00:52,240
Speaker 2: as people going on Facebook and getting links to download

16
00:00:52,280 --> 00:00:57,760
Speaker 2: aim this generation software, just malicious websites. There's one instance

17
00:00:57,800 --> 00:01:00,760
Speaker 2: of the game having this in it, so it could

18
00:01:00,760 --> 00:01:02,080
Speaker 2: be a variety of different means.

19
00:01:02,280 --> 00:01:04,319
Speaker 1: So not necessarily because I always think if I don't

20
00:01:04,319 --> 00:01:06,400
Speaker 1: click on any emails, then I'm not going to get

21
00:01:06,440 --> 00:01:08,360
Speaker 1: in any trouble. But actually you could just go to

22
00:01:08,400 --> 00:01:10,520
Speaker 1: a website and click on something and pick it up

23
00:01:11,120 --> 00:01:15,920
Speaker 1: potentially yes, yeah, okay, what's the software called the malicious software?

24
00:01:15,959 --> 00:01:16,679
Speaker 1: And what does it do?

25
00:01:17,760 --> 00:01:21,920
Speaker 2: So it's called Luma Steeler and it's what's called a

26
00:01:21,920 --> 00:01:26,000
Speaker 2: Steeler malware. So basically what it does is steel information.

27
00:01:26,200 --> 00:01:30,119
Speaker 2: Pretty obvious. I guess that might include things I use, passwords,

28
00:01:30,120 --> 00:01:32,920
Speaker 2: created a card, information, anything saved in your browser, even

29
00:01:32,959 --> 00:01:33,920
Speaker 2: files from your computer.

30
00:01:34,640 --> 00:01:37,720
Speaker 1: Is it on my phone or my hard computer laptop?

31
00:01:38,640 --> 00:01:41,880
Speaker 2: This one seems to be affecting Windows based systems, so

32
00:01:41,920 --> 00:01:43,520
Speaker 2: it'll be your computer, okay.

33
00:01:44,280 --> 00:01:50,559
Speaker 1: And how does the government know whether my computer, my

34
00:01:50,720 --> 00:01:53,040
Speaker 1: Microsoft computer has been infected?

35
00:01:54,040 --> 00:01:56,680
Speaker 2: So nccly noted that they've been alerted to this by

36
00:01:56,680 --> 00:02:02,640
Speaker 2: their partners. That presumably means that another organization overseas has

37
00:02:02,640 --> 00:02:05,520
Speaker 2: actually found a trove of data which has been stolen

38
00:02:06,000 --> 00:02:09,120
Speaker 2: and then has said to NCC, there's a group of

39
00:02:09,160 --> 00:02:12,160
Speaker 2: email addresses here, and be concerned with how do I know.

40
00:02:12,120 --> 00:02:14,800
Speaker 1: If I've I mean, aside from the government email I

41
00:02:14,840 --> 00:02:17,360
Speaker 1: means saying, oops, you've got this. How do is there

42
00:02:17,400 --> 00:02:19,800
Speaker 1: any sign that you would have this on your computer?

43
00:02:20,800 --> 00:02:23,160
Speaker 2: No, these are this kind of software is designed to

44
00:02:23,240 --> 00:02:27,200
Speaker 2: run quietly in the background, so you wouldn't know the

45
00:02:27,240 --> 00:02:31,359
Speaker 2: only unless you're running antivirus software which has then detected

46
00:02:31,360 --> 00:02:34,800
Speaker 2: it and hopefully cleaned up after that.

47
00:02:35,120 --> 00:02:37,400
Speaker 1: Would antivirus software have detected.

48
00:02:36,960 --> 00:02:43,880
Speaker 2: This I presumably. However, these the sort of malware has

49
00:02:43,919 --> 00:02:48,640
Speaker 2: often changed, and so antivirus software has to continuously change

50
00:02:48,639 --> 00:02:52,240
Speaker 2: in order to update and make sure it can detect

51
00:02:52,480 --> 00:02:55,760
Speaker 2: new versions of it. So presumably for a period of

52
00:02:55,840 --> 00:02:56,800
Speaker 2: time it wasn't detected.

53
00:02:57,320 --> 00:03:00,239
Speaker 1: Patrick, Today we're talking about twenty three thousand email is

54
00:03:00,280 --> 00:03:03,360
Speaker 1: twenty three thousand people. In ten years time we'll be

55
00:03:03,400 --> 00:03:05,600
Speaker 1: talking about everyone. I mean, should we be putting any

56
00:03:05,639 --> 00:03:09,560
Speaker 1: of our information, our private information anywhere on our computers

57
00:03:09,639 --> 00:03:10,680
Speaker 1: or the internet generally?

58
00:03:13,919 --> 00:03:18,520
Speaker 2: Reality, this is a huge problem, these sorts of the

59
00:03:18,600 --> 00:03:21,600
Speaker 2: sort of malware and lots of data in general. But

60
00:03:21,639 --> 00:03:25,160
Speaker 2: we can't simply not put our data online. So we

61
00:03:25,240 --> 00:03:28,160
Speaker 2: have to become very aware of how we're actually managing

62
00:03:28,160 --> 00:03:31,440
Speaker 2: our data, where we're putting it, where it's been saved,

63
00:03:31,480 --> 00:03:32,480
Speaker 2: and who has access to it.

64
00:03:32,720 --> 00:03:34,800
Speaker 1: Patrick, appreciate your time this afternoon. Thank you very much,

65
00:03:34,840 --> 00:03:39,000
Speaker 1: Patrick Sharp, general manager at AURA Information Security. For more

66
00:03:39,080 --> 00:03:42,400
Speaker 1: from Heather Duplicy Allen Drive, listen live to news talks

67
00:03:42,400 --> 00:03:45,600
Speaker 1: it'd be from four pm weekdays, or follow the podcast

68
00:03:45,680 --> 00:03:46,640
Speaker 1: on iHeartRadio,