CERT NZ has released its second quarterly report for 2018.
The CERT NZ reports provide an interesting snapshot of recent cyber security incidents reported by both individuals and organisations.
The latest report shows that cyber security incidents continue to increase quarter-on-quarter. Over 700 reports were made to CERT NZ in the second quarter of 2018, the highest number in a quarter since CERT NZ was launched in April 2017.
There was a significant increase in the number of “phishing and credential harvesting” reports that were made over the last quarter. Reports in this category are up from 196 in quarter one, to 455 in quarter two.
Because social engineering attacks are effective, have potentially global reach, and cost very little to initiate, it is no surprise that this attack vector is popular and growing.
The significant increase in numbers this quarter in particular comes partly from CERT NZ’s closer collaboration with the financial sector, which has provided a better picture of the phishing campaigns that constantly target New Zealanders.
337 of the phishing and credential harvesting reports came from the financial sector, and 321 of these reports showed hackers masquerading as well-known New Zealand brands.
Some of the more typical phishing emails reported to CERT NZ are those which contain attachments pretending to be Office 365 documents, or are emails which offer fake tax refunds.
The next biggest incident type was scams and fraud with 104 reports of incidents in this category.
Individuals most often tend to be the victims of scams and fraud, whilst corporates suffer most from phishing and credential harvesting.
This quarter, the CERT NZ report shows that direct financial loss totalled $2.2 million. This is down 24% from quarter one. 68% of reported losses were for amounts below $500.
This quarter, CERT NZ also provided a new data breakdown showing the types of vulnerabilities reported to it.
A vulnerability is a weakness in software, hardware, or an online service that can be exploited to damage a system or access information.
In total, CERT NZ received 69 vulnerability reports in quarters one and two. The majority of these reports related to vulnerabilities in websites or web servers. Websites, particularly those of smaller businesses, are often vulnerable to infections which expose or exfiltrate sensitive and private information – see a further discussion of this issue here.
What Does This Mean for My Organisation?
The number of individuals and organisations reporting phishing attacks continues to rise. Increased vigilance and security awareness among company staff are of key importance.
Training for staff is paramount and should include:
- examples of social engineering attacks
- tips for how to detect unsafe emails
- procedures for the treatment of email attachments
- advice on how to detect website phishing
Organisations also need to ensure the security of their public websites by:
- updating or patching websites to fix any publicly disclosed vulnerabilities
- performing website penetration testing and network security assessments to detect and fix vulnerabilities
Speak to phew today about protecting your company and assets from the risks of social engineering attacks.