CERT NZ report: Unauthorised account access a growing problem
New Zealanders are reporting more cybersecurity incidents and suffering lower reported financial losses, according to insights from CERT NZ's latest quarterly report.
The report summarises statistics from January 1 to March 31 this year. During that period New Zealanders reported 992 incidents – the second highest on record since CERT was established.
New Zealanders reported direct financial losses of $1.7 million. While that is still a substantial loss, the figure is a 71% drop from the previous quarter.
The most pervasive type of cybersecurity incident reported is phishing and credential harvesting, which made up 45% of all incidents recorded (445 incidents).
Scams and fraud followed closely behind, accounting for 325 incident reports. Of these, 53% were email extortion scams, 24% were related to the online purchase and sale of goods, and 6% were invoice scams.
On the other end of the spectrum, reported vulnerabilities and website compromises were the least reported, accounting for nine and ten reports respectively.
CERT NZ highlights the growing issue of unauthorised access, which was the subject of 96 reports. New Zealanders lost approximately $329,000 due to these incidents.
Attackers targeted accounts including online banking, cloud services, email, and social media, for the purpose of stealing personal information and for financial gain.
"It's easy to trust our email and other online accounts, assuming that a password will be enough to keep us protected," says CERT NZ director Rob Pope.
"Attackers rely on this trust and exploit it to gain access to personal and corporate accounts. In many cases this can result in the loss of personal information and more.
"One simple step people can take to protect their online accounts is to set up two-factor authentication (2FA). Adding 2FA to your login process is a simple way of adding an extra layer of security to your accounts."
The report provides a case study about an IT service provider whose client's Office 365 account had been compromised. The account was used to send thousands of phishing emails to contacts.
"Fortunately, the IT service provider noticed an unusually high volume of emails being sent. This alerted them to the attack and they reported it to CERT NZ," the report says.
"CERT NZ worked with the IT service provider and the business to alert those on the contact list, help the business secure their account, and prevent the attackers from sending further emails."
Of the 525 security incidents reported about organisations, the three sectors with the most reports were financial and insurance services (269 incidents), technology (32 incidents), and retail trade and accommodation (27 incidents).
"Helping people keep safe online and improving cybersecurity in New Zealand is at the core of what we do at CERT NZ," says Pope.
"Having a broad range of people reaching out to us and getting the help they need reinforces our role as a central front door to help people get back on their feet quickly following a cybersecurity incident."
If you or your organisation experiences a cybersecurity threat – or if you suspect you may have been exposed to one – contact CERT NZ any time at www.cert.govt.nz or call 0800 CERT NZ, Monday to Friday, 7am – 7pm.