TOP SECRET//SI//REL TO USA, FVEY (U//FOUO) SUSLOW Monthly Report for March 2013 (U) March highlights: - - (U) Intelligence update: o o (TS//SI//REL TO USA, FVEY) GCSB has a WARRIORPRIDE capability that can collect against an ASEAN target. The authorization has expired; GCSB is working to reestablish it. GCSB is also working on the data transfer mechanism from GCSB to NSA. o (S//SI//REL TO USA, FVEY) Provided input to the GCSB 3-5 year HF strategy. The strategy outlines recommended improvements to the Tangimoana station, to include replacing the antenna system and upgrading the collection capability to a wide-band GLAIVE. The proposal should go to the GCSB Board of Directors shortly for final decision. o (U//FOUO) , Deputy Director Intelligence, is on a six month assignment to the Department of Internal Affairs. He doesn’t anticipate returning to GCSB. is Acting DDI until 10 April. A longer term replacement has not been named yet. (U) IA/Cyber update: o (S//REL TO USA, FVEY) GCSB has identified the following 4 key investment objectives in response to the increase of targeted cyber threats within New Zealand: - Make networks and systems less vulnerable to cyber exploitation - Improve detection of intrusions that use known tools/techniques - Increase discovery of new and previously unknown tools/techniques - Actively disrupt the source of intrusions before they cause harm o (U//FOUO) GCSB participated in a VTC with the Community Gold Standard team to discuss the use of the CGS capability areas to support a more holistic approach to network security and assurance. GCSB provided an overview of their risk management/asset management program and the CGS team provided background on CGS and the Manageable Network Plan. They also offered to align the existing GCSB mitigations with NIST 800-53 and then crosswalk these against the CGS capabilities. A follow-up VTC will be scheduled. o (C//REL) The 23rd Key Management Strategy Group (KMSG) event was hosted by GCSB from 19-22 March 2013 and was attended by representatives from each of the FVEYs partners. The NSA team participated via VTC along with the local NSA IA liaison. TOP SECRET//SI//REL TO USA, FVEY Classified By: Derived From: NSA/CSSM 1-52 Dated: 20070108 Declassify On: 20371001 TOP SECRET//SI//REL TO USA, FVEY o (U//FOUO) Established an information sharing link between the DIA’s Malware Analysis Team and FVEYs partners. Responding to positive feedback to a DIA report that was shared with GCSB cyber analysts, DIA agreed to add FVEYs partners to their distribution. (U) Issues: (U//FOUO) Three legislative proposals are being deliberated in NZ government that will affect GCSB’s operations: 1. (S//REL FVEY) Updates to the GCSB Act of 2003 to expand GCSG’s core functions to include support to external government agencies, and allow for support to the private sector for information assurance and cyber security. 2. (U//FOUO) Strengthened oversight from the Inspector General and the Intelligence and Security Committee 3. (U//FOUO) Network and supply chain security for NZ government organizations. (U//FOUO) The internal compliance review is complete. The report has been provided to Government. It will be shared with the FVEY partners the week of 8 April and will be made public on 17 April. (S//REL) The most recent development in the Dotcom litigation: the plaintiffs (Dotcom) have agreed to separate the GCSB case from the NZ Police case. NSA general counsel is working with GCSB’s chief legal advisor to understand any impact on NSA equities. (U) Senior visitors in March: None (U) Upcoming senior visitors for April: o (U//FOUO) (U//FOUO) POC: , PTC , SUSLOW, @nsa.ic.gov, TOP SECRET//SI//REL TO USA, FVEY