SecurityBrief New Zealand logo
New Zealand's leading source of cybersecurity and cyber-attack news
Story image

The link between cybersecurity, extremist threat and misinformation online in Aotearoa

By Mitchell Hageman
Mon 27 Jun 2022

Cybersecurity threats come in many different forms. While things like malware, bugs and phishing attacks can cause serious harm in their own right, when coupled with threat and misinformation it can often lead devestating impacts.

These kinds of threats are formed in various ways and evade cybersecurity and personal cyber safety measures with ease. Long story short, it's often the case that misinformation, threat and extremism link closely to cybersecurity issues and cyber harm.

Hate speech, threat and extremism are issues that have caused significant problems in Aotearoa, and the root of much of it is unfortunately active in an online environment. Threat actors with sinister agendas covertly break down cybersecurity and threat prevention barriers to promote their own unique brand of hate and extremism, using a variety of tools and systems to cause widespread harm. 

It is often the case that much of the harm is initiated in dark corners of the internet, blocked by complex coding and security technology. It can also be initiated on social media, with large companies struggling to police and monitor with efficient legal security measures. Threat actors hide behind fake profiles, and even with the strongest regulations and cybersecurity and safety measures, misinformation can break down these walls in an instant.

Threat and misinformation come in a variety of forms. Concerning statistics from InternetNZ show that 58% of New Zealanders - up from 42% last year - are either 'extremely concerned' or 'very concerned' about online conspiracy theories. Kiwi's general level of concern about misinformation has also dramatically risen this year, with 66% of New Zealanders being either extremely or very concerned that information is misleading or wrong. The number of people who said they were extremely or very concerned about hate speech online has also jumped from 58% to 65%.

Research like this highlights that we need solid cyber safety and security measures in place to prevent long-lasting damage. 

"InternetNZ wants to see an Internet where everyone in Aotearoa can fully participate online. Scams, cybersecurity risks, and abusive behaviours online are all linked in that they make it harder for people in our community to be safe," says InternetNZ senior policy advisor James Ting-Edwards.

"It is vital that work to address these issues starts by listening to the people most affected by abusive behaviours online, whether these are threats to the security of people's computers and bank accounts, or threats to their personal safety and their ability to go online without facing harassment."

He says there needs to be an extended community effort to prevent threatening behaviour, and laws and technologies can only do so much.

"Governments and online services are well aware of these issues, but the gap we see is a need for more work to include community voices in developing solutions," he says.

"This is not just about laws and technologies, it's about how communities in Aotearoa get a voice in the online environments we participate in."

Dr Ethan R. Plaut from the University of Auckland reinforced that hate speech and threat should be perceived as a matter of our national security, and it is an increasingly prevalent issue worldwide.

"Online hate speech is a matter of national security in multiple different ways," he says.

"This is clearly true in the sense that foreign actors may be involved in the creation and circulation of hateful misinformation, and in the sense that domestic online extremism has been implicated in the radicalisation of people involved in violent attacks, including here in Aotearoa New Zealand.

"These issues also intersect in online attacks against people doing advocacy for Māori, women, racial minorities, and LGBTQ and other vulnerable communities, who are vulnerable to doxxing, threats, and other forms of online attacks."

A prominent example of these types of threats in action can be seen both before and after the devastating Christchurch terror attacks in 2019. 

The perpetrator was highly active in a covert online environment, operating to promote hate and infiltrating various social media platforms to spread it. The terrorist also released a manifesto and live-streamed his actions, causing widespread significant harm. CERT NZ reported a variety of issues in the wake of the tragedy, saying that scammers and attackers were using the tragic event as an opportunity to perform targeted online cyber attacks against New Zealanders. Some of these included:

  • Phishing emails containing links to fake online banking logins. These emails also contained fraudulent bank accounts where victims could make donations for the Christchurch tragedy.
  • The sharing of malicious video files on compromised websites or on social media. 
  • A video file containing footage related to the attack had malware embedded in it, and this malicious file is being shared online. (This could further promote hate and threat)
  • Attackers changing New Zealand websites to spread political messages about the Christchurch tragedy. (This was also prevalent on social media)
  • New Zealand websites receiving threats of denial-of-service attacks, which would take them offline.

So it's clear that cybersecurity and safety intersect with hate speech and threat, so what can be done to help prevent serious issues in the future?

While Netsafe, CERT NZ and other organisations play a key advisory role in helping inform the public of threats and stop the spread of misinformation here in Aotearoa, there is also a collective agreement in place that aims to tackle these issues at the source. The Christchurch Call was formed in Paris on May 15 2019, and acted as a collective agreement from countries around the world aiming to create a safer online environment that stops hate, threat and misinformation in its tracks.

Consisting of over 50 countries and delegations worldwide, the Paris and New Zealand initiated agreement found that outlines collective, voluntary commitments from Governments and online service providers that aim to address the issue of terrorist and violent extremist content online and to prevent the abuse of the internet as occurred in and after the Christchurch attacks. 

The agreement highlights five key points that governments should collectively aim to achieve, with topics ranging from using law and regulation, to supporting frameworks for companies in order to combat hate and abuse online.

While some of the points apply directly to broadcast media, when examining ones relating to cyber safety and security the framework advises:

  • Awareness-raising and capacity-building activities aimed at smaller online service providers.
  • Development of industry standards or voluntary frameworks.
  • Regulatory or policy measures consistent with a free, open and secure internet and international human rights law.

Social media giants such as Meta, Twitter, Google and YouTube are some of the many organisations that have pledged support to the agreement; however it may take years for them to fully implement secure systems and technologies worldwide.

As with many things online, cybersecurity and safety remain distinctly human issues and can often only be adequately solved with a widespread community effort. 

As governments worldwide struggle with increasing threat, misinformation and extremism, there is hope that leadership shown through agreements like the Christchurch Call can promote safer online communities for everyone.

Public Interest Journalism Fund logo
Public Interest Journalism funded through NZ On Air.
Related stories
Top stories
Story image
InternetNZ
How well do rangatahi understand cyber safety in Aotearoa?
Do rangatahi in Aotearoa understand the importance of being safe online, or has lifelong exposure to the internet resulted in widespread complacency?
Story image
Data Protection
Zero Trust, but verify - finding the OT in ZerO Trust
The move to remote and cloud-based technologies has shifted the goalposts for cybersecurity. It now needs to cover multiple people, devices, platforms, and networks.
Story image
Cloud Security
Tenable makes additions to Cloud Security portfolio
Tenable has announced additions to Tenable Cloud Security that represent the next step in assessing threats related to cloud vulnerabilities.
Story image
Microsoft
Avast reveals zero-day exploits targeting Chrome and Microsoft
Avast, released its Q2/2022 Threat Report today, revealing a significant increase in global ransomware attacks, up 24% from Q1/2022.
Story image
Cybersecurity
Education sector seeing highest volumes of cyber attacks
When breaking down the numbers to education attacks by region in July 2022, A/NZ was the most heavily attacked.
Story image
SaaS
Cloud and data protection big challenges for NZ businesses
"This surge towards a cloud-first approach meant security and safety became afterthoughts - there's no point being the fastest car on the racetrack if you crash.”
Story image
VMware
Latest VMware threat report reveals truth about deepfakes
"Cyber criminals have evolved. Their new goal is to use deepfake technology to compromise organisations and gain access to their environment."
Story image
Cybersecurity
Datacom research explores reality of zero trust in A/NZ
Zero trust is fast emerging as global best practice in cybersecurity and local leaders are on board, with 83% considering it essential to security.
Story image
Surveillance
Ministry will no longer accept equipment from Chinese firm Hikvision
The Ministry of Business, Innovation and Employment (MBIE) says it will no longer accept equipment from a major Chinese surveillance camera maker.
Story image
Dicker Data
Dicker Data brought on as Acronis partner for A/NZ
The news about the partnership comes in as cyber criminals continue to exploit gaps in traditional solutions and strategies in NZ and across the APAC region.
Story image
Cybersecurity
Palo Alto Networks responds to rise in threats with MDR service
Unit 42 Managed Detection and Response is a new service that can offer continuous 24/7 threat detection, investigation and response.
Story image
Compliance
Why security needs to shape your journey to the cloud
It's estimated that 80% of workloads could be in the cloud in the next few years. How can you make all that data secure?
Story image
Machine learning
Sysdig releases CDR offering to combat cryptojacking
Sysdig has unveiled a cloud detection and response (CDR) offering powered by machine learning to combat cryptojacking.
Story image
Phishing
Norton research finds NZ threat landscape diversifying on social media
Norton's quarterly report has highlighted the seriousness of the threat landscape in New Zealand.
Story image
Sustainability
NZ program recovers and recycles more than 177 tonnes of e-waste
The TechCollect NZ pilot program says its milestone of recovering and recycling more than 177 tonnes of ICT e-waste recognises the efforts of many.
Story image
Indusface
Why enhancing bot protection for web and API endpoints matters
The trouble with bots is that they aren’t all bad. Unfortunately, this can make it challenging to detect malicious bots that find their way into your system and threaten your business.
Story image
Web application firewall
Radware recognised in KuppingerCole’s 2022 Leadership Compass report
Radware has been named a Product, Innovation, Market and Overall Leader in the 2022 KuppingerCole Leadership Compass report for Web Application Firewalls.
Story image
Gartner Magic Quadrant
Gartner names Lookout a Visionary in 2022 Magic Quadrant
Gartner has recognised Lookout as a Visionary in the 2022 Magic Quadrant for Security Service Edge (SSE) and one of the top three offerings in the 2022 Gartner Critical Capabilities for SSE report.
Story image
Mergers and Acquisitions
Netskope acquires Infiot, delivers integrated SASE platform
Converged SASE platform provides AI-driven zero trust security and simplified, optimised connectivity to any network location or device, including IoT.
Story image
Privileged Access Management / PAM
The importance of stopping identity sprawl for cybersecurity
The 2021 Data Breach Investigations Report (DBIR) shows that 61% of all breaches involve malicious actors gaining unauthorised, privileged access to data by using a compromised credential. Unfortunately, it is often too late when the misuse of a credential is detected.
Story image
Ransomware
Ivanti and SentinelOne partner on patch management solution
Ivanti and SentinelOne will integrate their technologies Ivanti Neurons for Patch Management and SentinelOne's Singularity XDR platform.
Story image
Gartner Magic Quadrant
Gartner positions Commvault as Leader in 2022 Magic Quadrant
Gartner has named Commvault a Leader in its 2022 Gartner Magic Quadrant for Enterprise Backup and Recovery Software Solutions report.
Story image
Malware
Research shows attacks on the gaming industry are getting worse
Web application attacks in the gaming sector have grown by 167% from Q1 2021 to Q1 2022, according to new research from Akamai.
Story image
Google Cloud
Google Cloud to open first cloud region in NZ - among others
Google Cloud has announced plans to bring three new cloud regions, one each in New Zealand, Malaysia and Thailand.
Story image
Open source
Flashpoint acquires Echosec Systems, elevates OSINT capabilities
Flashpoint has acquired Echosec Systems, a provider of open-source intelligence and publicly available information.
Story image
Gartner
Veeam named Leader in enterprise backup and recovery
"We believe our innovation and ability to execute validates our solid standing as the #1 trusted provider of modern data protection."
Story image
Dark web
Beware the darkverse and its cyber-physical threats
A darkverse of criminality hidden from law enforcement could quickly evolve to fuel a new industry of metaverse-related cybercrime.
Story image
Firewall
Fortinet unveils compact firewall for hyperscale data centres, 5G networks
"Fortinet’s dedication to pushing the boundaries of what is possible in security performance has yielded the most powerful compact firewall yet."
Story image
SaaS
Claroty launches new cloud-based industrial cybersecurity platform
The company says Claroty xDome is the industry's first solution to deliver the ease and scalability of SaaS without compromising on visibility, protection, and monitoring controls.
Story image
Neat
Workplace design a crucial factor for better employee experience - report
The key to a successful workplace could be its design, according to research from Ecosystm and Neat.
Story image
Rubrik
Gartner names Rubrik Leader in 2022 Magic Quadrant
Rubrik has been positioned by Gartner as a Leader in the 2022 Magic Quadrant for Enterprise Backup and Recovery Software Solutions.
Story image
Malware
Avast One extends protection with Online Safety Score
Avast One has extended its cross-platform support by adding its Online Safety Score feature to both the Mac and iOS platforms of Avast One.
Story image
Data Protection
VMware introduces advanced workload protection for AWS
VMware Carbon Black Workload for AWS delivers comprehensive visibility and security across on-premises and cloud environments for AWS customers.
Story image
Data Protection
Video: 10 Minute IT Jams - An update from SearchInform
Alexey Pinchuk joins us today to discuss the role the company plays in helping organisations manage risk and provide better security outcomes.
Story image
Data Protection
CyberRes partners with Google Cloud in lead up to BigQuery release
CyberRes, a Micro Focus line of business, has announced a partnership with Google Cloud to support the upcoming release of BigQuery remote functions.
Story image
IDC
High level of Customer Identity & Access Management adoption
The study from Okta revealed that the pandemic has either accelerated or highlighted the need for digital-first strategies.
Story image
Government
Mandiant researchers uncover significant new disinformation campaign
Researchers from Mandiant say they have uncovered a significant disinformation campaign from the Chinese Government in the wake of U.S. Speaker Nancy Pelosi's visit to Taiwan.
Story image
ExtraHop
Organisations exposing highly sensitive protocols to public internet
More than 60% of organisations expose remote control protocol SSH to the public internet, while 36% of organisations expose the insecure FTP protocol.
Story image
Artificial Intelligence
Exclusive: NZ-based DEFEND offers global cyber protection
DEFEND supports customers in 66 countries across the globe with a relentless focus on ensuring that every dollar spent on security provides a meaningful return on investment and reduces cyber risk.
Story image
Gaming
Attacks on gaming companies more than double over past year
The State of the Internet report shows gaming companies and gamer accounts are at risk, following a surge in web application attacks post pandemic.
AWS Marketplace
Learn how security orchestration, automation, and response (SOAR) enhances your security strategy.
Link image