New Zealand’s cybersecurity agency CERT NZ said it has received 568 reports about scams and fraud in the first quarter of 2022. These scams have led to a direct financial loss of $5.9 million, an increase of 269% from the previous quarter.
CERT NZ’s data indicated that the number of reported issues continues to grow. In 2021, there were 8,331 reported cyber attacks or online scams, up 6.7% from 2020.
NZTech chief executive Graeme Muller (pictured above) said that last week’s temporary stoppage of RealMe, the government digital identity system used to log into services like Inland Revenue and My Covid Record, raised fears that a Russian cyber attack was underway.
“While the threat of Russian cyber attacks could be a possibility, the reality is most cybersecurity issues faced by Kiwis stem from a lack of understanding of how to operate safely online,” Muller said. “Talk of Russian cyber attacks are a distraction, and our focus needs to be closer to home and how to be safe online. Risks continue to change and develop, and we need to do a better job of educating people and businesses of how to spot them and avoid them.”
Muller, citing data from CERT NZ, said there was a 1,000% increase in reported issues with malware. He also pointed out that in every single instance, this required a person to click on a strange link for the malware to access the system.
“Likewise, 138 businesses reported that they had been victim to phishing or credential harvesting attacks, where their staff inadvertently provide access to information that hackers can later use to attack the business,” Muller said. “It is critical that business managers understand these risks, what the latest trends in malware and phishing attacks are, and how to develop simple systems to ensure their staff are cybersecurity-literate.”
Muller said that if a business does not invest in training and educating staff, it risks losing significant amounts of money. In the last quarter of 2021, Kiwis lost more than $6 million to cyber attackers, according to CERT NZ.
To improve cybersecurity, Muller said businesses should have processes in place to help staff manage and update passwords, automatically deploy software updates, back up their systems daily and use two factor authentication when logging in.
Every year, NZTech hosts the New Zealand cybersecurity summit where business leaders gather to share their latest cybersecurity insights. This year’s summit will be held in Wellington in July, with discussions on topics such as securely managing a hybrid workforce, transforming security into a business enabler and locating business risks.