The latest threat report released by CERT NZ shows over 700 cyber security incidents were reported from 1 April to 30 June - the largest ever volume for a single quarter.
CERT also says phishing reports are also up significantly this quarter; from 196 in quarter one, to 455 in quarter two. It says the leap in reporting comes from closer collaboration with the financial sector, and has enabled CERT to get a better picture of the phishing campaigns that constantly target New Zealanders.
“The rising number of reports we are seeing demonstrates the growing level of trust for CERT NZ as a central front door for cyber security issues,” says CERT NZ Director Rob Pope.
“But the volume of incident reports is only one aspect of the work we do, and this quarter CERT NZ is pleased to be able to share deeper analysis and categorisation of reported vulnerabilities.”
Recently, the Law Society warned practitioners of an email fraud with the potential to steal hundreds of thousands of dollars in a single hit. The scam targeted lawyers, homebuyers and real estate agents.
Westpac’s Financial Crime Management Team recently disrupted a scam whereby a fraudster aimed to direct the $600,000 payment for the settlement of an entire house sale to themselves.
CERT says a vulnerability is a weaknesses in software, hardware or an online service that can be exploited to damage a system or access information. Sixty-nine vulnerability reports were received over quarter one and two of 2018, with 15 handled under its Coordinated Vulnerability Disclosure policy (CVD).
Mr Pope encourages all organisations to have a plan for vulnerability reports. “A little careful planning and talking to us ahead of time is likely to make the process much less painful for everyone involved,” he says.
The CERT NZ guide to securing business websites is available on the CERT NZ website: www.cert.govt.nz/protect-it.