The Latest from CERT NZ

What’s New?

CERT NZ is a central organisation that receives cyber incident reports from both individuals and businesses. It tracks attacks and incidents, and provides advice and alerts.

The quarterly updates from CERT provide a valuable snapshot of what’s going on with cyber security in NZ, and give us a useful insight into trends and concerns.

Their latest update was released last week. It shows a decrease in the number of incidents reported from last quarter, but an increase in the type and complexity of scams.

Decrease in Incidents isn’t the Whole Story

There was a 41% decrease in the number of incidents that were reported to CERT in Q1 2022 compared to Q4 2021. However, the number of incidents reported continues to hover around the two year average of 2,200 per quarter:

phew CERT NZ Q1 2022-1

The amount of financial loss caused by the incidents was also down accordingly, but remained around the average of $4m per quarter:

phew CERT NZ Q1 2022-2

Some of the decrease can be attributed to certain types of malware (such as Flubot) that spiked the reporting at the end of 2021, but have started to tail off. However, ransomware incidents did increase significantly in Q1 2022, up 31% from the previous quarter.

Phishing Remains a Big Problem

Phishing and credential harvesting is consistently the most reported type of incident, and makes up an average of almost three quarters of all reports to CERT:

phew CERT NZ Q1 2022-3

Phishing is common because it’s cheap and easy to do, and doesn’t need complex technical skills. Human error means that even the most secure systems can be vulnerable, and attackers are aware of this. Tactics like urgency, fear and opportunity often lead people to respond to messages.

Scenarios that reflect current events can also make the message seem more plausible e.g. phishing attempts that focused on COVID-19 during the vaccine roll out. Government entities, banks, postal services, and charities are commonly impersonated.

The advice from CERT NZ in relation to phishing is simple and effective:

If you are unsure about a communication you’ve received:

  • Go direct. Type the URL into the address bar or use bookmarks to access websites rather than clicking links in emails or texts.
  • Just ask. If you’re unsure about an email or text you’ve received, it’s a good idea to check in with the sender via another method like phone or text, or run it past a colleague, friend or family member.

Other Ways to Stay Safe Online

Remember to always use unique passwords on all your accounts. Password replication can mean that, if your account information is discovered in an attack, multiple accounts may be affected, not just one.

Also, use multifactor authentication (MFA or 2FA) wherever possible. It adds an extra layer of security on your accounts, making it harder to access them without your knowing.

phew CERT NZ Q1 2022 MFA

NFTs: Attackers Evolve their Techniques

There has been a recent increase in reports of incidents relating to Non-Fungible Tokens (NFTs). NFTs are digital certificates of ownership that can only be bought using cryptocurrency. Each one is ‘minted’ to be unique. An NFT links to an item, such as a piece of digital art, and verifies who owns it using blockchain technology.

phew CERT NZ Q1 2022 NFT

Attackers are benefitting from the recent public interest in, and spending on, NFTs by setting up scams involving the buying and selling of NFTs and fake investments.

The advice is to treat NFTs with care and caution. Be wary of investments that offer super high returns, don’t buy from unknown websites, and protect your digital wallet by securing your private key carefully, and always turning on MFA.

In Summary

At any time, if you receive a scam or phishing email, or are concerned that your accounts have been compromised, contact CERT so they can record the incident and provide immediate advice to you.

And speak to us about how we can help protect you, your sensitive information, and your business against attack.