New report shows the costly impacts of cyber incidents on New Zealanders
The latest report from CERT NZ shows that cyber incidents can be costly. Alongside financial losses at a quarterly high, the incidents reported in quarter two are also impacting New Zealander’s day-to-day lives and business operations.
Financial losses reported between 1 April and 30 June were $6.5 million, up from the $1.7 million reported in the previous quarter. Of the 1197 reports in quarter two, 21% reported some type of loss.
“It’s evident that cyber incidents can result in financial loss, how ever losing money is not the only impact businesses and individuals experience.Cyber incidents can also result in other types of loss like data, reputational and operational,” says CERT NZ Director Rob Pope.
The Quarter Two report highlights a 38 percent increase in ransomware attacks from the previous quarter.
Ransomware is a type of malicious software that can get into a computer system and infect it. Once in, it encrypts files so they can’t be read or accessed, and demands a payment to unlock them. The attacks are mainly targeted at businesses through email attachments or out-of-date software vulnerabilities. CERT NZ strongly recommends not paying the ransom as it does not guarantee files will be recovered.
Reports show that ransomware can be highly disruptive. Of the 160 ransomware attacks reported since CERT NZ launched, over 70% reported some type of loss.
“Although there are some reports of financial loss, what we see from ransomware attacks are businesses reporting losses like customer information and operational capacity. Recovery from a ransomware attack can also be incredibly time consuming, affecting a business’s ability to carry out their usual services, and can damage their reputation.”
“The good news is that the risk of these attacks impacting you or your business can be easily mitigated with a few simple steps,” says Mr Pope,“Updating your operating systems and software, backing up your files regularly and installing antivirus software can go a long way to help keep you safe online”.
The Quarter Two report also shows New Zealanders of all ages are affected by cyber security incidents, with scams and fraud incidents making up 38% of all incidents reported to CERT NZ and accounting for 92% of direct financial loss this quarter.
“The data we gather from these reports and others is vital as it helps us to understand the evolving threat landscape. The more we know about the types of incidents affecting New Zealanders, the more we can be there to help New Zealanders and their businesses stay safe online,” says Mr Pope.
If you or your organisation experiences a cyber security threat – or if you suspect you may have been exposed to one – contact CERT NZ any time at www.cert.govt.nz or call 0800 CERT NZ, Monday to Friday, 7am – 7pm.
Read the attached quarterly report for more details.
CERT NZ’s Quarter Two Report 2019 provides an overview of the cyber security incidents reported between 1 April and 30 June 2019. It includes advice on mitigations to help New Zealanders build their online resilience.
Quarter Two 2019 Overview
· 1,197 incident reports were received by CERT NZ between April and June 2019. This is the second highest quarter after Q4, 2018.
· In Q2, reported direct financial loss was $6.5 million, the highest amount reported in a quarter to date.
· 21% of all incidents reported some type of loss (financial, reputational, data and operational).
· 41% increase in scam and fraud reports, from Q1.
· 38% increase in ransomware incidents, from Q1.
· 59% of incidents reported to CERT NZ were about individuals. These incidents show that New Zealander of all ages are impacted by cyber security issues.
· The incidents reported in Q2 help grow CERT NZ’s understanding of the threats and vulnerabilities that can affect New Zealanders.
· CERT NZ combines the data from incident reports with other threat information to provide timely and actionable advice to help New Zealanders build resilience to cyber security threats.