sb-nz logo
Story image

CERT NZ report: Unauthorised account access a growing problem

10 Jul 2019

New Zealanders are reporting more cybersecurity incidents and suffering lower reported financial losses, according to insights from CERT NZ’s latest quarterly report.

The report summarises statistics from January 1 to March 31 this year. During that period New Zealanders reported 992 incidents – the second highest on record since CERT was established.

New Zealanders reported direct financial losses of $1.7 million. While that is still a substantial loss, the figure is a 71% drop from the previous quarter.

The most pervasive type of cybersecurity incident reported is phishing and credential harvesting, which made up 45% of all total incidents recorded (445 incidents).

Scams and fraud followed closely behind, accounting for 325 incident reports. Of these, 53% were email extortion scams, 24% were related to the online purchases and sale of goods, and 6% were invoice scams.

On the other end of the spectrum, reported vulnerabilities and website compromises were the least reported, accounting for nine and ten reports respectively.

CERT NZ highlights the growing issue of unauthorised access, particularly as 96 reports related to the issue. New Zealanders lost approximately $329,000 due to these incidents.

Attackers targeted accounts including online banking, cloud services, email, and social media, for the purpose of stealing personal information and for financial gain.

“It’s easy to trust our email and other online accounts, assuming that a password will be enough to keep us protected,” says CERT NZ director Rob Pope.

“Attackers rely on this trust and exploit it to gain access to personal and corporate accounts. In many cases this can result in the loss of personal information and more.”

“One simple step people can take to protect their online accounts is to set-up two-factor authentication (2FA). Adding 2FA to your login process is a simple way of adding an extra layer of security to your accounts.”

The report provides a case study about how an IT service provider whose client’s Office 365 account had been compromised. The account was used to send thousands of phishing emails to contacts.

“Fortunately, the IT service provider noticed an unusually high volume of emails being sent. This alerted them to the attack and they reported it to CERT NZ,” the report says.

“CERT NZ worked with the IT service provider and the business to alert those on the contact list, help the business secure their account, and prevent the attackers from sending further emails.”

Of the 525 security incidents reported about organisations, the three sectors with the most reports included financial and insurance services (269 incidents), technology (32 incidents), and retail trade and accommodation (27 incidents).

“Helping people keep safe online and improving cybersecurity in New Zealand is at the core of what we do at CERT NZ,” says Pope.

“Having a broad range of people reaching out to us and getting the help they need reinforces our role as a central front door to help people get back on their feet quickly following a cybersecurity incident.”

If you or your organisation experiences a cybersecurity threat – or if you suspect you may have been exposed to one – contact CERT NZ any time at or call 0800 CERT NZ, Monday to Friday, 7am – 7pm.

Story image
SolarWinds Niche Player in app monitoring Magic Quadrant
Simplicity, visibility and solution synergy have put SolarWinds into the 2020 Gartner Magic Quadrant for Application Performance Monitoring.More
Story image
Sophos and Arcserve bolster alliance with two new solutions
The new solutions combine anti-ransomware and other threat-protection tech with immutable backup and disaster recovery capabilities.More
Story image
Consumer password hygiene doesn't reflect cybersecurity threat in 2020
83% of internet users think up their own passwords, while 54% say they are unaware about how to check if any of their credentials have already been leaked, according to new research from Kaspersky.More
Story image
VMware reveals plans to acquire Octarine, going all in for Kubernetes
VMware says once the acquisition is completed, Octarine’s integration will provide new security features for containerized applications running in Kubernetes, and will enable security capabilities as part of the fabric of the existing IT and DevOps ecosystems.More
Story image
Shadow of ransomware looms over healthcare sector
“Hackers will continue to target vulnerable systems as long as there are profits to be made: from selling the stolen patient’s data to holding the healthcare systems hostage until the criminals’ demands are met.”More
Story image
Five wine-tasting tips that should be applied to network security
What does network visibility really mean? Much like a blind wine tasting, we need to keep an open mind and trust what data is telling us without being biased by previous results.More