Increased co-operation with banks and financial organisations has produced a 143% leap in reported cyber incidents, according to computer emergency response body CERT New Zealand’s second-quarter report.
It says the rise, compared with the first quarter, amounts to 507 cyber incidents, accounting for 69% of all incident reports.
Financial and insurance services was the most heavily targeted industry, with 350 incidents, driven by an increase in reports of phishing, which involves criminals attempting to obtain sensitive information by pretending to be a trusted entity.
About $NZ1.52 million ($1.39 million) of direct financial losses derived from “organisations”, accounting for 69% of total direct financial losses. Four incidents produced losses of $NZ100,000 ($91,353) or more.
Total losses from all cyber incidents for the period totalled $NZ2.2 million ($2 million), down 24% on the first quarter. About 68% of losses involved sums below $NZ500 ($457).
Some 44 incidents reported by organisations involved other forms of loss – reputational, data, technical damage or operational impact.
Among cyber incidents reported by organisations, 390 involved phishing and “credential harvesting”.
Insurance Council of New Zealand CEO Tim Grafton says it is important for businesses to have the right cyber security and plan how to manage risk.
“In an increasingly digital world, the likelihood is these attacks will continue,” he said.
He says company devices should not be connected to free or open Wi-Fi networks, and employees should change passwords regularly and avoid using default administration passwords. Only authenticated apps should be downloaded.