Story image

Protecting New Zealand in the new cybercrime threatscape

17 Sep 18

Article by Accenture country managing director Justin Gray

Most global organisations remain largely in the dark about the potential threats they face and the resulting impact.

This insight comes from Accenture’s Cyber Threatscape Report 2018 and shows that too many organisations are still vulnerable to attacks, and not preparing for the worst.

Unfortunately, New Zealand’s relative geographic isolation doesn’t protect it from cyber attacks; the country’s systems and IP are just as likely to come under attack as anywhere else.

New Zealand is also deeply integrated into the global digital environment, transforming the way people live, work and play.

New Zealand’s businesses are digitally transforming, supported by good internet infrastructure, and immersed in a culture of innovation.

New Zealand’s technology sector alone experienced revenue growth of 7.9% in the 2017 financial year and generated $7.3 billion in offshore revenues.

New Zealand organisations, just like their global counterparts, must keep an eye out for how cyber threats are changing – and adapt accordingly.

Cyber criminals are continuously networking, researching and testing out new tactics and procedures.

They are looking for new ways to disrupt operations, make money or spy on their targets, according to the report.

Therefore, organisations must be on the front foot, expanding their knowledge of potential threats and making the right investments.

They are not just directly attacking chosen targets with phishing campaigns and vulnerability exploitation; they are looking to reach their targets via the networks of third or fourth-party supply chain partners by exploiting weaknesses in less modern technologies, or by attacking Internet of Things (IoT) and Industrial Internet of Things (IIoT) technologies that were not originally designed with cyber defence in mind.

The convergence of information technology (IT) and operational technology (OT) is opening doors to adversaries to disrupt operations, deploy cryptomining malware, or to conduct deep-seated espionage operations.

Meanwhile, the number of nation-state-sponsored cyberattacks has grown, according to the report, and this is likely to continue.  

New Zealand’s National Cyber Security Centre found that in the past financial year, 122 cyber incidents were related to state-sponsored computer network exploitation groups.

Cryptomining

Another growing trend to be aware of is malware in cryptocurrency.

Miner malware rewards its operators with the cryptocurrency mined on infected hosts, with those victim systems potentially benefiting from rapid fluctuations in price.

Traditionally, miners have sought Bitcoin due to their currency’s wide adoption among cyber criminals and legitimate businesses, but the report found a radical shift towards mining alternative cryptocurrencies, most notably Monero.

Ransomware

Ransomware continues to be the most prevalent form of attack to extort money from organisations.

Attacks against organisations doubled between 2016 and 2017, rising from 13% to 27% of reported incidents.

Cybercriminals are innovating their attack methods and diversifying their methods, using multi-functional ransom malware – encompassing secondary functionality such as minder malware or data exfiltration, to ensure a second layer of possible profitability.

Cyberattacks are becoming more complex, so now is not the time to be complacent or think it won’t happen to an organisation.

The good news is, there are many tools and strategies organisations can use to manage this kind of risk:

  1. Firstly, organisations shouldn’t feel they can only activate their incident response plans in the event of a breach. Now, the best approach is to adopt a continuous response model – always assume the organisation has been breached. Use incident response and threat hunting teams to look for the next breach
     
  2. Expand a team’s research capabilities, abilities to provide strategic insights and grow their use of cyber research tools and technologies
     
  3. Build a data-driven approach fuelled by threat intelligence to better anticipate potential attacks and develop a more proactive security posture for businesses based on strategic, operational and tactical demands. One of the most effective ways to can ward off any attack is to think beyond the enterprise to the whole cyber ecosystem
     
  4. Work with suppliers and partners around the world. Today, only about 39% of companies say the data exchanged with strategic partners or third parties are adequately protected by their cybersecurity strategy.

By analysing data, organisations can anticipate risk and adopt a more proactive approach and put in place robust defence strategies.

While cyber risks will never go away completely, there are plenty employees can do to protect an organisation’s assets.

New Zealand’s immersion in the global digital environment leaves it vulnerable to a myriad of ever evolving cyber crimes.

Therefore, organisations must increase their focus and investment in cybersecurity to ensure they are better protected and prepared.

A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
One Identity a Visionary in Magic Quad for PAM
One Identity was recognised in the Gartner Magic Quadrant for Privileged Access Management for completeness of vision and ability to execute.
How to keep network infrastructure secure and available
Two OVH executives have weighed in on how network infrastructure and the challenges in that space will be evolving in the coming year.
Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
SingleSource scores R&D grant to explore digital identity over blockchain
Callaghan Innovation has awarded a $318,000 R&D grant to Auckland-based firm SingleSource, a company that applies risk scoring to digital identity.