New Zealand is a growing destination for cybercrime, with the country now ‘over-represented- in ransomware and social media scams, and a growing target for a range of other threats.
Symantec’s latest Internet Security Threat Report, shows zero day vulnerability attacks became a weekly occurrence in 2015, with cybercriminals exploiting, stockpiling and reselling high-value vulnerabilities.
Mark Shaw, Symantec Pacific technology strategist, information security and New Zealand spokesperson, says the report shows New Zealand has increased in global rank across five out of six threat categories tracked: spam, phishing hosts, bots, network attacking and web attacking countries.
“The Symantec Internet Security Threat Report indicates New Zealand as an increasingly popular target for cybercriminals,” he says.
“As a ransomware target New Zealand ranked fourth in Asia Pacific and 21st globally with the average of 108 ransomware attacks per day.
“The country was also ranked 21st globally for social media scams,” he adds.
“We also have the eighth highest proportion of global phishing traffic,” Shaw says.
The Kiwi figures come as Symantec warns that cybercriminals are establishing professional businesses and adopting corporate best practices in order to increase the efficiency of their attacks against enterprises and consumers.
Kevin Haley, Symantec Security Response director, says advanced criminal attack groups now mirror the skill sets of nation-state attackers.
“They have well resourced and highly-skilled technical staff that operate during normal business hours – they even take weekends and holidays off,” Haley says.
“We are even seeing low-level criminal attackers create call center operations to increase the impact of their scams.”
Advanced professional attack groups are first to leverage zero-day vulnerabilities, using them for their own advantage or selling them to lower-level criminals on the open market. Once they are available in the open market they are quickly commoditised.
Symantec says the number of zero-day vulnerabilities discovered in 2015 more than doubled to 54, up 125% from the year before to a new record high.
Meanwhile, malware increased at a ‘staggering’ rate with 430 million new malware variants discovered last year.
“The sheer volume of malware proves that professional cybercriminals are leveraging vast resources in an attempt to overwhelm defenses and enter corporate networks,” Symantec says.