SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Ransomware, crypto scams & brute-forced passwords: Highlights from CERT NZ's Q2 report
Fri, 17th Sep 2021

The number of cybersecurity incidents in the second quarter of 2021 has risen to more than 1,350, accounting for $3.9 million in direct financial losses.

CERT NZ is also warning of an increase in ransomware attacks against New Zealand businesses and individuals. The number of reported attacks rose from 12 reports in Q1 to 30 in Q2.

CERT NZ director Rob Pope says ransomware attacks result in data loss and can impact business operations as companies need to go offline to recover systems and files.

“Paying the ransom does not guarantee that your files will be recovered and if an attacker sees you are willing to pay, it may also open you up to future attacks,” adds Pope.

“If you believe you have been a target of ransomware, isolate your machines by disconnecting cords and router, seek the assistance of an IT provider, and please report the incident confidentially to CERT NZ – we're here to help.”

But it's not just ransomware that people should pay attention to. Phishing and credential harvesting incidents accounted for almost half (619) of all incidents in the quarter, followed by scams and fraud (390), unauthorised access (171), and malware (32).

The report notes that cryptocurrency investment scams are becoming increasingly problematic, accounting for $500,000 in direct financial losses.

“These scams are often distributed by emails, text messages, phone calls or through fake websites. They advertise cryptocurrency investment opportunities with substantial and guaranteed financial returns, or offer direct sales of cryptocurrencies like Bitcoins, Litecoins or other altcoins, which don't result in any transfer once payment is made,” the report explains.

Like other investment scams, cryptocurrency scams rely on common techniques such as creating urgency to push people to act, and they use language similar to genuine investment-style communications. CERT NZ warns that people should be wary of investment opportunities from people they don't know, and notes that all unsolicited marketing emails in New Zealand are illegal.

“Cryptocurrencies are high risk and highly volatile – the price can go up and down very quickly. Investment opportunities offering high, guaranteed returns are likely too good to be true.”

The report also identified almost 4,500 incidents in which attackers brute forced passwords to devices such as routers and internet-enabled cameras. Brute force attacks use computer software to crack passwords, and attacks can take just a few seconds depending on the strength of the password.

“If the brute force attack succeeds, the attacker can then carry out a wide range of malicious activity depending on what is accessed. This can include accessing private data like footage from internet-connected security and TV cameras. Attackers can also use the infected device to spread further malware and brute force other devices.”

Because these devices have default or pre-configured usernames and passwords, all users should update these when possible. Passwords should be long, strong, and unique.

More details are available in CERT NZ's Quarterly Report: Data Landscape 2021.