NCSC report reveals heightened financially motivated cybercrime in NZ
The National Cyber Security Centre (NCSC) recently announced a historic peak in financially motivated cyber activities. According to its annual Cyber Threat Report, such activities make up 28% of all reported incidents, surpassing state-sponsored activities, which accounted for only 23% compared to 34% in the last fiscal year.
Ransomware activities, in particular, are causing substantial costs and demanding significant recovery efforts for entities both domestically and globally. "We see ransomware activity imposing significant costs and requiring substantial recovery efforts for organisations in New Zealand and around the world," the report notes.
Lisa Fong, Deputy Director-General GCSB, responsible for the NCSC, attributes the rise in financially motivated cybercrime to the growing accessibility of potent malicious cyber tools, compromised credentials, and vulnerabilities in public-facing interfaces. According to her, these factors have made it easier for cyber miscreants to operate at scale and with the level of sophistication necessary to inflict harm at a national level.
Fong said, "Domestically, and internationally, the NCSC has seen heightened determination from cyber criminal actors attempting to extort payment from organisations." Ransomware and extortion activities now constitute a significant portion of the confirmed criminal activities observed by the NCSC.
In terms of figures, the NCSC reported 316 incidents impacting nationally significant organisations this year, compared to 350 in the previous year. Fong explains that this variation may reflect factors such as disruptions to the cyber criminal infrastructure, changing priorities or tactics of states, organisational cyber resilience and maturity, or an improved ability to mitigate activities before harm ensues.
Despite a decrease in the total number of recorded incidents, the incidents detected by NCSC capabilities increased year-on-year. "Viewed over the last four fiscal years, the number of incidents detected by NCSC capabilities accounts for about a third of our total recorded incidents," clarifies Fong.
The Deputy Director-General also highlighted the organisation's expanding threat detection and disruption service, MFN. She cited the delivery of MFN to a major telecommunications service provider's domestic customer base as a key milestone for the NCSC this year. "These increasing and deepening partnerships mean the NCSC is offering unprecedented threat protection, with millions of New Zealanders now benefitting from MFN," says Fong.
On average, the NCSC disrupted 20,800 connections to known malicious infrastructure each month this year. It also detected an average of seven cyber incidents per month and received 20 reports or requests for assistance. The Deputy Director-General expressed pride in the increasing cyber defence impact realised across Aotearoa New Zealand due to their MFN service.
Overall, in the 2022/2023 year, the NCSC's services helped to avoid an estimated $65.4 million worth of damage to nationally significant organisations in Aotearoa New Zealand. The magnitude of this figure serves to emphasise the importance of good cybersecurity for nationally significant organisations in the face of increasingly financially driven cyber miscreants.
"Looking ahead to 2024, it is important for Aotearoa New Zealand organisations to embed good processes – both in technical controls and in cybersecurity governance," Fong added.
She concludes, "For the NCSC, the coming year will continue to be one of growth and change... Our collective strengths will combine to create an even more effective operational agency, ready to respond to the growing cybersecurity threat faced by people and businesses in Aotearoa New Zealand."