Story image

NZ growing target for cybercrime, especially ransomware

13 Apr 2016

New Zealand is a growing destination for cybercrime, with the country now ‘over-represented- in ransomware and social media scams, and a growing target for a range of other threats.

Symantec’s latest Internet Security Threat Report, shows zero day vulnerability attacks became a weekly occurrence in 2015, with cybercriminals exploiting, stockpiling and reselling high-value vulnerabilities.

Mark Shaw, Symantec Pacific technology strategist, information security and New Zealand spokesperson, says the report shows New Zealand has increased in global rank across five out of six threat categories tracked: spam, phishing hosts, bots, network attacking and web attacking countries.

“The Symantec Internet Security Threat Report indicates New Zealand as an increasingly popular target for cybercriminals,” he says.

“As a ransomware target New Zealand ranked fourth in Asia Pacific and 21st globally with the average of 108 ransomware attacks per day.

“The country was also ranked 21st globally for social media scams,” he adds.

“We also have the eighth highest proportion of global phishing traffic,” Shaw says.

The Kiwi figures come as Symantec warns that cybercriminals are establishing professional businesses and adopting corporate best practices in order to increase the efficiency of their attacks against enterprises and consumers.

Kevin Haley, Symantec Security Response director, says advanced criminal attack groups now mirror the skill sets of nation-state attackers.

“They have well resourced and highly-skilled technical staff that operate during normal business hours – they even take weekends and holidays off,” Haley says.

“We are even seeing low-level criminal attackers create call center operations to increase the impact of their scams.”

Advanced professional attack groups are first to leverage zero-day vulnerabilities, using them for their own advantage or selling them to lower-level criminals on the open market. Once they are available in the open market they are quickly commoditised.

Symantec says the number of zero-day vulnerabilities discovered in 2015 more than doubled to 54, up 125% from the year before to a new record high.

Meanwhile, malware increased at a ‘staggering’ rate with 430 million new malware variants discovered last year.

“The sheer volume of malware proves that professional cybercriminals are leveraging vast resources in an attempt to overwhelm defenses and enter corporate networks,” Symantec says.

Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.