Cyber attackers have been successful in causing more than $1.9 million in losses for New Zealanders since April 2017 and $1.18 million of that was from the third quarter, according to CERT NZ’s latest Quarterly Report.
“Between 1 July and 30 September, CERT NZ received 390 incident reports of which the vast majority, 297, were responded to by CERT NZ,” comments CERT NZ director Rob Pope.
78 incidents involved cybercrime that was referred to the New Zealand police for action.
Of the $1,179,259 that was lost, 13% was attributed to financial loss; 5% data loss; 3% operational impacts; 2% reputational loss; 2% technical damage; and 7% was classed as ‘other’.
Pope explains that CERT NZ was launched by the Government in April 2017 with the aim of taking reports about cybersecurity incidents and helping New Zealanders recover.
“The reports we received in the quarter to 30 September show that our relative geographic isolation is no barrier to being affected by these threats,” Pope says.
The damage from ransomware attacks against New Zealand has dropped, despite high-profile attacks such as WannaCry this year. Pope says the reporting rate has dropped by more than 50%.
New Zealand businesses are facing more targeted attacks and phishing emails. 153 incidents involved phishing and credentials harvesting.
“As we noted in our previous report, targeted attacks are on the rise. In this quarter we’re seen an increase in invoice scams impacting New Zealand businesses through a range of means,” he explains.
The report explains the definition of a basic invoice scam as one that sends out fake invoices disguised as invoices for well-known services, such as Xero, PayPal, Office 365 and Apple.
“If recipients pay the bill, they lose their money. If they contact the scammers, the scammers will usually use a variety of social engineering tactics, ranging from persuasion through to bullying, to try and convince them to pay the fake invoice,” the report says.
It also highlights spear phishing and business email compromise scams, in which scammers impersonate a senior executive and ask an employee to pay an urgent bill.
“We have had several reports from businesses with overseas suppliers, who have received fake copies of the suppliers’ invoices. They have also reported that in some cases their suppliers were compromised by attackers, who altered invoices by changing the bank account number from them in order to steal money from legitimate transactions,” the report details.
37 incidents involved successful unauthorised access and 28 involved malware. On the other end of the scale, there were three incidents of command & control server hosting, one incident involving botnet traffic and one Denial of Service attack.
Pope says that any New Zealanders affected by cybersecurity issues should report them to CERT NZ.
“Our team is here to help people who have been affected by cyber security issues by giving them advice and assistance on how to avoid and overcome them. The more reports we receive, the more information we can share with New Zealanders to help them protect themselves,” he says.
If you or your organisation experiences a cyber security threat – or if you suspect you may have been exposed to one – contact CERT NZ any time or call 0800 CERT NZ, Monday to Friday, 7am – 7pm.
Read CERT NZ’s Q3 report here: https://www.cert.govt.nz/about/quarterly-report/q3-report/
Read more about CERT NZ:
- CERT NZ & Netsafe warn of scammers playing online blackmail hand
- NZTech chief: CERT NZ's cybersecurity report is the tip of a much bigger iceberg
- 364 incidents in just three months: CERT NZ reports from the cybersecurity frontline
- A triumph for cyber security: New Zealand's CERT team has finally been launched