sb-nz logo
Story image

Waikato Uni academic says cybercrime is now bigger than drug trafficking

29 Nov 2017

A New Zealand cybersecurity academic says that the country’s business leaders still aren’t taking cybersecurity seriously enough – and that it’s posing significant risks to their organisations’ reputations.

According to Dr Ryan Ko, University of Waikato Associate Professor in Computer Science, the lack of communication is a serious flaw during cybersecurity incident response.

“The spread of information is so fast, and reputations are very hard to get back when lost,” he says.

Ko, who is also director of the NZ Institute for Security and Crime Science, recently spoke to business leaders in Hamilton as part of a Crucial Conversations Over Lunch (CRUNCH) meeting, organised by HMC Communications. He discussed the current state of cybercrime in New Zealand and organised a fictional cyber attack scenario in which participants could plan their responses.

Ko cites a Norton Cybercrime Report that shows global cybercrime is now bigger than drug trafficking.

“It was reported that, globally, cybercrime cost $388 billion which was larger than the cost of drug trafficking at $288 billion,” he says.

“Every half-second a unique malware or virus is created somewhere in the world. Cybersecurity is a serious concern for companies, and New Zealand business leaders need to do more to protect their company and their customers.”

This week is Cyber Smart Week, which encourages people to take control of cybersecurity both for their business and their home.

“The public perception is that businesses and boards should take responsibility for personal information, and that means cyber attacks have legal implications for directors. It’s not a matter of ‘if’ it will happen, but when, and directors may be facing liability,” Ko says.

Waikato Milking Systems general manager Campbell Parker says that although large organisations have robust measures in places, smaller firms are vulnerable, especially when they rely on external providers.

“I think we are quite naïve in New Zealand around risk. You see it in fraud cases, and it’s true when it comes to cybersecurity also,” Parker says.

“When you think that 97 per cent of New Zealand companies are SMEs (small-to-medium enterprises) with less than 20 employees, then there is a risk to them.”

Ko described cyber attacks on US retailer Target and hotel chain Wyndham Worldwide Corporation. Hackers breached Target’s systems in 2013 and stole credit card information from approximately 40 million customers.

New Zealand firms are at risk of many threats including Distributed Denial of Service (DDoS) attacks, social engineering, attacks on unpatched systems and older communications tools, ransomware, cyber forces and weaponry.

Workhub Services managing director Myles Imperial says cybersecurity affects all businesses.

 “We are in a computer age and you have to have a plan if something happens online. This is a session that should be done by all business leaders,” she says.

Are you prepared for a cyber attack? Things for business leaders to consider

  • What is your board of directors doing to address the risk of a cyber-attack to your business or organisation?
  • Have cyber security policies been reviewed (and do they even exist)?
  • Are there policies around external contractors?
  • Does the business or organisation have cyber insurance?
  • Is there a chief information security officer in the company?
  • What would you do in the event of a cyber-attack, operationally and with your communications (internally and externally, including stakeholders and media)?
Story image
BayCom partners with NICE inContact to offer cloud contact centre platform in NZ
“With our extensive experience in the industry, BayCom has the ability to design, implement and support CXone nationwide, providing organisations with an industry-leading Contact Centre as a Service (CCaaS) solution to deliver on their customer experience strategies.”  More
Story image
Kiwis dont care enough about cybersecurity
New Zealanders are not adjusting their behaviours around cybersecurity fast enough.More
Story image
BlackBerry partners with ServiceNow for incident response management
BlackBerry has announced it has entered into a partnership with ServiceNow to integrate the BlackBerry AtHoc service within the Now platform for rapid crisis communications and IT service management. More
Story image
Five Eyes nations want legal access to backdoors to fight 'illegal content'
The nations argue that encryption can make the enforcement of public safety difficult, particularly when it comes to serious problems like child exploitation. More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More
Story image
How cyber-attackers use Microsoft 365 tools to steal data
Vectra security research has recently identified how cyber-attackers use Microsoft Office 365 tools against organisations to steal data and take over accounts.More