f5-nz logo
Story image

Cyber threat spotlight: Kiwis report more, lose less in Q2

19 Sep 2018

CERT NZ’s April-June 2018 Quarterly Report suggests that cyber threats – and the amount of people who are reporting them – are once again on the rise, and fewer people are losing money.

The report says that there were 736 incident reports in Q2, compared to 506 in Q1. While Kiwis lost $2.2 million from those incidents, it’s a 24% drop in just a single quarter, and 68% of incidents reporting money loss were for amounts lower than $500.

That doesn’t mean that New Zealanders should rest easy, as CERT NZ’s analysis of incident types found that phishing and credential harvesting is taking a toll on businesses and individuals. 

The number of phishing and credential harvesting reports skyrocketed from 196 in Q1 to 455 in Q2. Some of this can be attributed to CERT NZ’s close collaboration with the finance sector, which reported 74% of incidents.

The ever-persistent scam industry is still up to its old tricks – there were 104 reports of scam and fraud, of which most related to individuals. 

The report also found that those most likely to be impacted by direct financial loss are over 55 years of age, however those aged 35-44 also reported $77,300 in losses.

In addition, most reports about individuals came from those aged 65 and over (25%), while those aged 25-34 followed closely behind (21%).

Two incidents involved scam and fraud involved losses of $100,000 or more. They join two other incidents to make up 77% of all reported financial losses, totalling $1.7 million. The other two incidents of phishing and credential harvesting and unauthorised access.

While phishing and credential harvesting affected many organisations, vulnerabilities were also responsible for 69 incidents in organisations.

Those reported vulnerabilities include ones in websites or web servers (37 reports), authentication, authorisation and accounting (10 reports), networking (9 reports), and a number of others across software, applications, mobile devices, peripherals, and IoT devices.

“Of the 69 vulnerability reports received 1 January -30 June 2018, 54% related to website applications and servers, 14% to authentication, authorisation and accounting and 13% to networking,” the report says.

In one case a security researcher at ZX Security discovered vulnerabilities in cybersecurity products from global cybersecurity firm WatchGuard Technologies. WatchGuard, CERT NZ and the researcher worked together to analyse and verify the three vulnerabilities as part of a coordinated disclosure.

They released CVE identifiers as part of their findings and WatchGuard patched the vulnerabilities.

"By working together, potentially serious flaws in these products were able to be resolved in a timely and positive way, helping keep New Zealand businesses and organisations safe,” CERT NZ states.

Businesses and individuals can report cybersecurity incidents to CERT NZ. To do so, visit www.cert.govt.nz or call Freephone 0800 CERT NZ (0800 2378 69).

Story image
Privacy Act to roll out in December as Kiwis support stronger privacy laws
Of 1398 polled New Zealanders, 65% are in favour of strong privacy regulation, 29% are happy with the same level of regulation, and 6% prefer less legislation.More
Story image
Video games market booming following COVID-19 related lockdowns
As an industry custom-built for people to stay indoors, it is understandable that the global video games market has boomed in the last few months, bringing huge profits for the leading gaming companies and their shareholders.More
Story image
Hands-on review: 13-inch MacBook Pro - the butterfly keyboard is finally dead
With the typing experience improved and the insides bumped up and the Apple ecosystem now better than ever, the MacBook Pro is now an even more reliable tool.More
Story image
Hands-on review: JBL Tune 220TWS
Another great part of the design is the earbuds themselves. Most other earbuds on the market can’t be worn for more than two hours at a time because of the amount of pressure they put on ear canals. Thankfully, the JBL Tune 220 were designed with all-day wear in mind. More
Story image
Natural disasters, card fraud Kiwis’ top security concerns
A study by Unisys reveals the security concerns of Kiwi consumers in the world of COVID-19.More
Story image
Kiwi scoops grand photography prize at Sony Alpha Awards
Wanaka-based Oscar Hetherington won this year’s award for his seascape photo, called ‘Back Wash’. He’s the fourth consecutive Kiwi to win the grand prize – and $10,000 worth of Sony camera gear to boot.More