Story image

$2.9 million gone: Kiwis hit by more than 500 cybersecurity incidents

30 May 18

The first three months of 2018 were busier than ever for cybercriminals, who managed to steal $2.9 million from New Zealanders through methods including phishing, fraud, ransomware, and website compromise attacks.

CERT NZ’s Q1 2018 quarterly report covers reports between January 1 and March 31. Although the losses are a slight drop from the $3.4 million reported last quarter, CERT NZ director Rob Pope says they continue to be a significant threat.

Phishing, credential theft most dangerous in Q1

Phishing attacks and credential theft were responsible for 196 of the 506 reported incidents. Scams and fraud are also prevalent in New Zealand: They were responsible for 168 incidents – a 21% increase from last quarter’s figures.

However, New Zealanders aren’t letting phishing websites lure in more victims – CERT NZ helped with 102 takedown requests either directly or by supporting reports made by banks and financial services organisations.

Unauthorised access accounted for 60 incidents – a 67% increase. There was also a 133% increase in reported vulnerabilities (35). Ransomware was only responsible for 13 incidents but there were two new ransomware variants spotted: ‘Rapid’ and ‘David’.

Individuals snared by scams; phishing baits organisations

Scams and fraud most affected individuals (153 reports); while phishing and credential harvesting impacted 118 organisations.

Individuals also bore the brunt of 75% of all direct financial losses ($2,208,644), while businesses reported $728,318 in direct financial losses.

New Zealand’s finance/insurance and tech sector reported the most incidents; accounting for 44% and 11% of reports respectively.

Overall, 33% of incidents involved financial loss; 6% involved data loss; 3% affected operational impacts; 2% involved operational loss; 3% caused technical damage; and 4% involved other types of loss.

Over-55s most impacted by financial loss

This quarter’s report breaks incident reports down by age group. Pope says the losses are especially pronounced from those in the over-55 age group.

87% of the value of financial loss impacts people over 55; while only 13% impacts those under 55.

“New data analysis this quarter shows that this has been particularly harmful for victims in the over-55 age group who have reported losing more money than any other age group,” says Pope.

Those over 65 lost $1 million – the highest losses across all age groups. Those aged between 55 to 64 reported the second-highest losses of $724,000.

CERT says age-impact data helps the team develop specific outreach programmes that work for the communities it is targeting.

“It’s insights like these that show the value of having a national CERT. Our role is not only helping specifically impacted individuals, but using the information from incident reports to help all Kiwis improve their cybersecurity,” Pope says.

“We use our data to support technical and non-technical people and organisations all over New Zealand. We do this in a range of ways, from working on new methods to disrupt models of attack to building outreach activities that help people take simple actions to protect themselves online.”

CERT NZ welcomes cybersecurity incident reports

New Zealanders who suspect they have experienced a cybersecurity issue should report it to CERT NZ at www.cert.govt.nz.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Verifi takes spot in Deloitte Asia Pacific Fast 500
"An increasing amount of companies captured by New Zealand’s Anti-Money laundering legislation are realising that an electronic identity verification solution can streamline their customer onboarding."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.