New Zealand’s National Cyber Security Centre (NCSC) Reports Surge in Cyber Threats and Vulnerabilities

New Zealand’s National Cyber Security Centre (NCSC) Reports Surge in Cyber Threats and Vulnerabilities

/in

Cyble New Zealand’s National Cyber Security Centre (NCSC) Reports Surge in Cyber Threats and Vulnerabilities

Overview

The 2023/24 Cyber Threat Report from New Zealand’s National Cyber Security Centre (NCSC), led by Lisa Fong, Deputy Director-General for Cyber Security at the Government Communications Security Bureau (GCSB), sheds light on the country’s rapidly changing cyber threat landscape. The report highlights an increase in cyber incidents targeting individuals, businesses, and critical national sectors, underlining the growing complexity of cyber threats.

For the year ending June 2024, the NCSC recorded a whopping total of 7,122 cybersecurity incidents, marking a new milestone since CERT NZ’s integration into the NCSC. Of these incidents, 95% (6,799) were handled through the NCSC’s general triage process. These incidents primarily affected small to medium businesses and individual users and resulted in a reported financial loss of $21.6 million. While these incidents did not require specialized technical interventions, they still had a substantial impact on those affected, particularly in terms of financial losses and reputational damage.

A smaller subset of incidents, 343 in total, was categorized as having national significance. These incidents were more complex and targeted critical infrastructure or large organizations. Among them, 110 were linked to state-sponsored actors, signaling a slight increase in cyber activities from such groups. Financially motivated cybercriminal activities were responsible for 65 of these high-impact incidents, emphasizing the persistent threat from financially driven attacks such as ransomware and data exfiltration.

2023/24 Cyber Threat Report: State-Sponsored Cyber Threats and Ransomware

One of the most concerning findings in the 2023/24 Cyber Threat Report was the rise of state-sponsored cyber activities, particularly those linked to espionage. These threats have been exacerbated by geopolitical tensions, notably the ongoing Russia-Ukraine conflict. The NCSC observed an uptick in cyber incidents linked to Russian state-sponsored actors and pro-Russian hacktivists. It also noted the growing challenge in distinguishing between state-sponsored cyber activities and financially motivated criminal operations, as some cybercriminals operate with tacit state approval or support.

Ransomware continues to be a security concern, targeting both large organizations and smaller entities, including schools. Although there were efforts to disrupt certain types of financially motivated cyber incidents, experts warn that ransomware actors are evolving and diversifying their operations. Ransomware actors increasingly exploit exfiltrated data to extort payments, causing severe financial and reputational damage. Additionally, Distributed Denial-of-Service (DDoS) attacks are being utilized as an extortion tactic when encryption or data leaks are not feasible.

The Growing Threat of Cyber-Enabled Fraud

The report also highlights a rise in cyber-enabled fraud and online scams, particularly those conducted through social media platforms and cryptocurrency channels. Cybercriminals are increasingly compromising business or corporate email accounts to impersonate trusted organizations. This tactic enables them to deceive victims into sharing sensitive personal information. These types of fraud are causing significant financial and reputational harm as unsuspecting victims fall prey to sophisticated social engineering tactics.

Despite the rise in cyber incidents, the NCSC’s proactive measures in 2023/24 helped prevent an estimated $38.8 million in potential harm. Through swift interventions, the agency disrupted over 10.3 million malicious events, a sharp increase compared to previous years. The NCSC’s efforts in raising cybersecurity awareness, issuing vulnerability alerts, and promoting sector-based security collaborations are crucial in strengthening New Zealand’s collective cyber resilience.

The report strongly urges all New Zealanders and organizations to adopt effective cybersecurity practices and stay vigilant in the face of evolving cyber threats. As the country’s reliance on technology continues to grow, so does the need for better security frameworks to reduce the risk of cyberattacks.

The Role of Technology in Expanding Cyber Threats

The growing accessibility of advanced cyber tools has significantly lowered the barrier for malicious actors. Tools once reserved for well-resourced nations are now widely available to both state-sponsored actors and cybercriminals alike. This proliferation of sophisticated cyber capabilities, coupled with the widespread use of compromised credentials and vulnerabilities in public-facing infrastructure, has made it easier for malicious actors to operate at scale. The impact of these activities can be catastrophic, especially for organizations that rely heavily on technology to deliver services.

Emerging technologies like artificial intelligence and the increasing connectivity of systems have made the cyber threat landscape more complex and widespread. Cybercriminals are leveraging these advancements to launch more sophisticated attacks, exploiting vulnerabilities that were previously difficult to target.

Social Engineering and Phishing Attacks

Social engineering remains one of the most successful tactics used by cybercriminals to deceive victims into compromising their personal information. By exploiting human psychology, attackers manipulate individuals into taking actions that compromise their security.

The NCSC has seen an increase in social engineering tactics, particularly phishing scams targeting individuals and organizations alike. While technological defenses like multi-factor authentication (MFA) can mitigate some attacks, phishing remains a powerful and persistent tool for cybercriminals.

In 2023, the NCSC recorded global data breaches, some of which involved New Zealanders’ personal information. These breaches expose individuals to further cyber risks, such as phishing and account compromises, which remain prevalent and often lead to significant financial losses.

Trends in Cybersecurity Incidents

The NCSC categorizes incidents based on severity, with the most significant incidents classified as C3. These high-impact incidents often involve ransomware or data exfiltration activities and affect critical infrastructure or key organizations. The report notes that 2023 saw a decline in ransomware incidents compared to previous years, although the attacks that did occur were still highly disruptive. While ransomware remains a concern, other types of attacks, such as phishing and malware, are equally problematic.

In contrast to C3 incidents, moderate (C4) and routine (C5) incidents saw an increase in frequency. Many of these incidents were linked to vulnerabilities being exploited multiple times.

Conclusion

The 2023/24 Cyber Threat Report from New Zealand’s NCSC highlights the increasingly complex nature of cyber threats despite a decrease in overall incident volume. The most common attack techniques included exploiting vulnerabilities in public-facing applications and reconnaissance activities like vulnerability scanning and credential gathering.

The report also emphasizes the growing risk of adversary-in-the-middle (AITM) phishing attacks, which bypass traditional security measures like MFA, urging organizations to adopt more robust solutions such as phishing-resistant MFA methods. While the NCSC’s proactive efforts have successfully mitigated many threats, the expanding reliance on technology and the growing availability of cyber capabilities necessitate ongoing vigilance and adaptability.

References

The post New Zealand’s National Cyber Security Centre (NCSC) Reports Surge in Cyber Threats and Vulnerabilities appeared first on Cyble.

Blog – Cyble – ​Read More