SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Hackers are polishing their skills while Kiwis get complacent
Wed, 7th Dec 2016
FYI, this story is more than a year old

Kiwis don't seem to be learning from their mistakes when it comes to cybercrime, according to a new report from Norton by Symantec.

The annual Norton Cyber Security Insights Report aims to shed light on the truth about online crime and the personal effect it has on people.

According to the findings, New Zealanders who were victims of cybercrime within the past year have often continued their unsafe behaviour. For example, while nearly half of people who had been victims used a secure password on every account, more than a third (36%) are likely to share their password with others, negating their efforts.

Additionally, 46% of Kiwis have at least one unprotected device leaving their other devices vulnerable to ransomware, malicious websites, zero days and phishing attacks, the report found.

Globally, 76% of respondents know they must actively protect their information online, but are still sharing passwords and engaging in other risky behaviours.

“Our findings show that New Zealanders are growing increasingly aware of the need to protect their personal information online, but aren't motivated to take adequate precautions to stay safe,” explains Mark Shaw, technology strategist, Symantec, Pacific region.

“While Kiwis remain complacent, hackers are refining their skills and adapting their scams to further take advantage of people, making it increasingly important to take some action,” he says.

Shaw says given the rampant rates of cybercrime, the complacency in behaviour is concerning.

Within the past year, 689 million people in 21 countries were victims of cybercrime, an increase of 10% across the 17 countries that were measured in 2015.

Overconfidence in Connected Devices Leaves People Vulnerable

“With every connected home device purchase, people are unknowingly giving hackers a new avenue to launch attacks,” says Shaw.

“In some instances, poor security habits and vulnerabilities in connected devices are letting hackers into Kiwis' homes.

  • 40% of connected home device users in New Zealand don't have any protective measures in place for these devices.
  • 36% of New Zealanders don't believe enough people own connected home devices for them to be a target. Yet, just as hackers learned to benefit from targeting social media and financial accounts, they are on their way to learning how access to connected home devices can be lucrative. 
  • Globally, over six in 10 (62%) consumers said they believe connected home devices were designed with online security in mind however, according to Symantec research, in 2015, criminals compromised TVs, toys, refrigerators, doorbells and even medical devices. Symantec researchers also identified security vulnerabilities in 50 different connected home devices ranging from smart thermostats to smart energy management devices, and even security cameras. 

New Zealanders Admit the Risks Are Real 

Shaw says the prevalence of cybercrime has merged with peoples' perception of real-world risks. He says many New Zealanders now see cybercrime dangers as equivalent to risks in the real world:

  • Two-thirds (67%) of New Zealand respondents said that over the past five years, it's become harder to stay safe online while only half (51%) said it has become harder to stay safe and secure in the physical world.
  • Almost the same number (64%) said they believe entering financial information online when connected to public Wi-Fi is riskier than reading their credit or debit card number aloud in a public place.

Bad Habits Are Hard to Break – Online or Otherwise

“Experiencing cybercrime is a potential consequence of living in a connected world, but Kiwis still remain complacent when it comes to protecting their personal information online,” Shaw explains.

  • Millennials exhibit surprisingly slack online security habits, and are happy to share passwords that compromise their online safety (40%). This is likely why they remain the most common victims of cybercrime, with 27% having experienced cybercrime in the past year.
  • Almost half of New Zealanders (48%) never connect to a Wi-Fi network using VPN, which can potentially allow a hacker to steal data as it travels on the network.
  • Consumers are still willing to click on links from senders they don't know or open malicious attachments. Globally, nearly three in 10 people cannot detect a phishing attack, with nearly 1 in 4 (23%) New Zealanders not being able to determine the difference between a real message and a phishing email.
  • An overwhelming majority of Kiwis (93%) have Wi-Fi in their homes, to the point it is now ubiquitous, but only 16% say it is likely their networks have potential to be compromised. Furthermore, 14% of New Zealanders believe only those with connected devices need protection for their Wi-Fi