SecurityBrief New Zealand logo
Story image

New Zealand is one of the 'Cyber Five' APAC countries most at risk of cyber attacks

05 Mar 2018

New Zealand is one of Asia Pacific’s ‘Cyber Five’ for the most vulnerable countries to cyber attacks despite increased cyber resilience capabilities and strategies to deal with them.

That is what a new paper from Delta Insurance claims, citing the Global Cybersecurity Index that puts New Zealand in 19th place for its commitment to cybersecurity.

The ‘Cyber Five’ includes New Zealand, Australia, South Korea, Japan and Singapore – countries that are apparently at risk of attacks more than any other Asian economy.

“New Zealand’s global information footprint is on the rise and our increased dependencies on globally connected Internet infrastructure will only draw New Zealand further into the cyber risk landscape,” the report says.

According to Delta co-founder Ian Pollard, the research reveals deep vulnerabilities in New Zealand businesses.

“A cyber risk can arise despite a business’s best efforts to avoid it, and it is vital to mitigate those risks,” he says

New Zealand is also falling behind international standards in terms of legislation. Delta says that breach notification laws are present in other countries, but there is no compulsory data breach notification law yet.

“Following the EU’s and Australia’s lead, a variety of New Zealand proposals have been recommended, both preventative and responsive measures to protect those involved in an attack. The proposed New Zealand legislation will require mandatory training for employees, ensuring their cybersecurity education is sufficient in providing protection for their organisation.”

Combined with the under-reporting of cyber attacks both in New Zealand and across the globe, there is now a perception that a cyber attack victim is punished by publicity, rather than the perpetrator.

Delta found that firms fear negative publicity, legal repercussions and the cost of notifications.

However major threats such as ransomware, Distributed Denial of Service (DDoS) attacks and state-backed cyber warfare continue to cause problems.

While cyber warfare may traditionally be associated with nation-states such as North Korea, New Zealand is still vulnerable and ‘will be affected in more ways than one’ – but the report does not hint at what those ways could be.

Phishing and whaling attacks are continuing to grow. Both may be remedied through education and awareness, but Delta believes technical security controls are necessary.

“The advancements of social engineering have made whaling extremely popular, particularly due to the high returns attackers have been receiving14 compared with the level of technical input,” the report says.

Emerging risks based on technologies such as artificial intelligence and the Internet of Things continue to grow, the company says.

“Experts are warning that the rise of AI will be used by criminals against companies to conduct cyberattacks. With AI, the targeting, payload selection, weaponising, delivery and execution, could in theory, be automated42. Human hackers often get caught because they get spooked, overconfident, frustrated or leave traces that give them away. It is likely that AI-enabled tools would not make the same mistakes – if they did, they would learn very quickly from these mistakes.”

Perhaps with something of a vested interest in the space Delta believes that New Zealand’s total cyber insurance market has potential to reach $100 million by 2025.

Story image
New research reveals customer behaviour around fraud risks
"Timeliness is key, you must get the alert in front of people at the exact moment they are at risk of fraud. Without this, banks will continue to spend huge amounts of money on fraud prevention messaging that will never have an impact."More
Story image
Video: 10 Minute IT Jams - SonicWall manager dissects zero trust security
Today’s interviewee is SonicWall head of presales for APAC, Yuvraj Pradhan, who discusses various talking points surrounding zero trust security.More
Story image
Attivo Networks announces SentinelOne integration to increase threat protection
The integrated solution creates a defence against sophisticated attackers and provides comprehensive coverage across a broad set of attack techniques, as documented in the MITRE ATT&CK matrix.More
Story image
Massive WHO scam busted - 'DarkPath Scammers' group suspected
The scam campaign comprised a network of 134 websites that attempted to lure people in by asking them to take a survey for a monetary reward.More
Story image
Vectra AI releases new endpoint integration to Cognito platform
Cloud network detection and response company Vectra AI has released extended endpoint detection and response native integration into its Cognito platform.More
Story image
COVID-19 has changed the way companies handle data security
According to data classification company Titus, the rise in remote working under COVID-19 has delivered far-reaching changes in how we do business, with significant implications for CISOs, compliance, and data governance officers. More