CERT NZ releases first Cyber Security Insights for 2022
CERT NZ has released Quarter One: Cyber Security Insights 2022, which offers an overview of reports about cybersecurity incidents affecting New Zealanders.
The Q1 insights cover January 1 to March 31, 2022, and show that CERT NZ responded to 2,333 incident reports from across the country about individuals and businesses during this period.
This report is in two parts, and, in addition to sharing information regarding the reported incidents, it also provides examples of work CERT NZ is carrying out to assist with these issues.
The two parts are Insights, which looks at selected cyber security incidents and problems, and the Data Landscape report, which offers a standardised set of results and graphs for Q1 2022.
Overall highlights from the report include:
- Q1 reported $3.7 million in direct financial loss, with 30% of incidents reporting a financial loss, a decrease of 44% compared to Q4, 2021.
- CERT NZ responded to 2,333 incidents during this quarter, a decrease of 41% compared with Q4 2021.
- Ransomware reports increased by 31% compared to Q4 2021.
- CERT NZ also recorded a 95% decrease in malware reports from Q4 2021.
Furthermore, based on the previous eight quarters, CERT NZ notes that 2,227 incidents are reported on average each quarter and that the average direct financial loss is $4 million.
CERT NZ describes phishing as an attempt to impersonate “an authentic communication from a trusted source, usually through email or SMS.
It adds that by doing this, the threat actor intends to fool the recipient into acting on their information, such as by clicking a link or giving out personal or financial information.
CERT NZ notes that as of Q1 2022, phishing and other means of gaining credentials remains the category with the highest reported incidents.
“Phishing has evolved from the infamous ‘Nigerian Prince inheritance' emails to far more plausible communications pretending to be from well-known brands and organisations,” CERT NZ says.
Moreover, the organisation says phishing or getting credentials is usually followed by other cyber attacks.
Q1 saw a phishing campaign sent out through email and text, telling recipients to ring a number to cancel an expensive anti-virus subscription or they would be charged the next day.
Moreover, CERT NZ received 17 ransomware reports during this quarter, with five specifically targeting network-attached storage (NAS) devices.
These attacks locked files on the device, stopping the owners from accessing their information, such as business files and family photos.
The company says the best way to protect NAS devices is never to allow your NAS to be visible on the internet.
However, CERT NZ recommends restricting NAS visibility by IP/CIDR or geolocation if this is not possible.
Other advice includes updating passwords to be longer and more unique, applying updates the moment they are available, and turning on two-factor authentication.