The PDS is designed to strengthen New Zealand’s cyber resilience against phishing by stopping it before it causes wide-spread harm. You can see an outline of how the PDS works in the diagram below.
New Zealand and overseas partners provide phishing indicators to CERT NZ which are then verified before being distributed via an API to subscribers. This source of high-confidence phishing indictors can then be used by disruption partners, to protect their staff, customers, and users. The service can be integrated with other systems and platforms to increase an organisation’s resilience against phishing attempts.
The PDS can be used alongside commercial threat intelligence tools to defend against the full spectrum of cyber threats faced by New Zealand organisations.
The more indicators received, the more can be blocked. CERT NZ is interested in receiving new phishing campaigns that aren’t being caught by existing filters; i.e. if a phishing email is found in a user’s inbox, and especially if it succeeds in capturing their details, please consider sending it to CERT NZ for ingestion into the PDS. Any organisation or individual can submit phishing indicators by emailing them to phishpond@ops.cert.govt.nz
Companies that monitor and manage security systems on behalf of clients (‘managed security service providers’ or MSSPs) use the service to protect their customers from phishing campaigns. While individual organisations can apply to subscribe to the API, for most customers, the easiest integration path is to talk to your MSSP about integrating with the PDS.
You can find more information on how to integrate with the PDS directly on the Ministry of Business, Innovation and Employment’s API portal.
Phishing Disruption Service External Link
— business.govt.nz