News

Articles:

Protecting New Zealand from cyber attacks

According to a recent article, most global organisations continue to be in the dark about the possible threats that they may face and how these will affect them.

Accenture’s Cyber Threatscape Report 2018 shows that too many organisations remain vulnerable to attacks and yet they are not preparing for the worst.

Although New Zealand is somehow isolated geographically, that is not a guarantee from experiencing cyberattacks. The country’s systems and IP can still be potentially attacked from anywhere.

The country is deeply integrated into the global digital environment, transforming the way people live, work and play.

Moreover, the businesses are transforming digitally as they are being supported by good internet infrastructure and are immersed in a culture of innovation.

In the 2017 financial year, the technology sector has seen a revenue growth of 7.9% and has generated NZ$ 7.3 billion in offshore revenues.

To protect themselves, New Zealand organisation as well as their global counterparts should be prepared with how cyber threats are changing and adapt accordingly.

Cyber criminals are continuously networking, researching and testing out new tactics and procedures.

The report explains that cyber criminals are continuing to look for new ways to disrupt operations, make money or spy on their targets.

If the criminals are working nonstop to find vulnerabilities in organisations, then organisations must be on the front foot and expand their knowledge of potential threats and make the right investments.

These criminals are not just directly attacking chosen targets with phishing campaigns and vulnerability exploitation, but they are also looking to reach their targets through the networks of third or fourth-party supply chain partners by exploiting weaknesses in less modern technologies.

They will also try to attack the Internet of Things (IoT) and Industrial Internet of Things (IIoT) technologies that were not originally designed with cyber defence in mind.

The report mentioned that the number of nation-state-sponsored cyberattacks has grown and that the trend will likely to continue.

The National Cyber Security Centre of New Zealand discovered that in the past financial year, there were 122 cyber incidents related to state-sponsored computer network exploitation groups.

Several malware trends were outlined in the report. Cryptomining is a malware trend in cryptocurrency.

Miner malware rewards its operators with the cryptocurrency mined on infected hosts, with those victim systems potentially benefiting from rapid fluctuations in price.

The most prevalent form of attack to extort money from organisations is ransomware, with attacks doubling between 2016 and 2017. The number of reported incidents rose from 13% to 27%.

Cybercriminals are upping their attack methods and diversifying them by using multi-functional ransom malware.

This encompasses secondary functionality such as minder malware or data exfiltration, to ensure a second layer of possible profitability.

Being lax and complacent should be avoided as the kinds of cyberattacks happening are becoming more complex.

There are many tools and strategies that organisations can maximise in order to handle this kind of risk.

Organisations should adopt a continuous response model and always assume that the organisation has been breached. Use incident response and threat hunting teams to look for the next breach.

Improve on the research capabilities of the team as well as their abilities to provide strategic insights and increase their use of cyber research tools and technologies.

One of the most effective ways to prevent any attack is to think beyond the enterprise and instead on the whole cyber ecosystem.

Organisations should develop a more proactive security posture for businesses based on strategic, operational and tactical demands.

Significance on working with suppliers and partners around the world was stressed since only about 39% of companies say that the data exchanges with strategic partners or third parties are adequately protected by their cybersecurity strategy.

By analysing data, organisations can anticipate risk and adopt a more proactive approach and put in place robust defence strategies.

Being immersed in the global digital environment has left New Zealand exposed to a plethora of evolving cybercrimes.

Therefore, organisations must increase their focus and investment on cybersecurity to ensure that they are better protected and prepared.