Over 3.3 million malicious URLs were clicked in New Zealand in the second quarter of 2014, up from 2.3 million in Q1, according to Trend Micro’s Q2 security roundup report.
The report, titled “Turning the tables on cybercrime: responding to evolving cybercrime tactics,” showed malware continued its prevalence in Q2, with the number of malware detections hitting more than 1.3 million in New Zealand, rising from 1.2 million in Q1.
Trend Micro threat researchers also found more than 63,000 malicious URLs were hosted in New Zealand throughout Q2 while the average number of spam-sending Internet Protocols (IPs) per month reduced to less than 1 million this quarter across the country.
At its highest however, there were 1.3 million spam-sending IPs in New Zealand in a month.
“The increase in malicious links being clicked on by New Zealanders in Q2 shows a clear need for continued consumer education on personal security to ensure people remain protected against these ever-evolving threats,” says Tim Falinski, Director, Consumer ANZ, Trend Micro.
“Consumers need to be aware of not just what they’re clicking on, but also what’s happening with their own personal data.
“For example, what retailers and businesses are doing with it. This often means asking more questions and reading the fine print, which requires a change in mindset for many people.”
Falinski claims cyber threats, data breaches and high-risk vulnerabilities continued to dominate the first half of 2014 with the severity of these attacks intensifying against banks and financial and banking institutions as well as retailers outlets.
Total attacks have exposed more than 10 million personal records around the world as of July 2014 and strongly indicate the need for organisations to adopt a more strategic approach to safeguarding digital information.
The incident attacks in the second quarter affecting consumers personal information included theft of data such as customer names, passwords, email addresses, home addresses, phone numbers, and dates of birth.
These types of personal privacy breaches have affected retail sales and business earnings while leaving customers unable to access personal accounts and dealing with service disruption.
As of July 15, 2014, more than 400 data breach incidents have been reported globally, creating the need for organisations to identify and understand their core data in order to protect and build an effective defence strategy to keep them and their customers secure.
As a first step, Falinski believes organisations need to determine which information they regard as “core data” before devising a plan on how to protect it.
Notable findings of the report include:
• Critical vulnerabilities created havoc among information security professionals and the public: High-risk vulnerabilities affected various components of Internet browsing and Web services, including server-side libraries, operating systems, mobile apps and browsers.
• Escalation in the severity and volume of attacks: The severity of attacks against organisations highlighted the importance of incident response planning and organisation-wide security awareness.
• Cybercriminals counter online banking and mobile platform developments: Deployment of mobile ransomware and two-factor authentication-breaking malware has emerged in response to technological developments in the online banking and mobile platforms.
• Digital Life and Internet of Everything (IOE) improved way of life with emerging vulnerabilities: The 2014 FIFA World Cup held in Brazil was one of the most popular sporting events in recent history, based on online engagement and activity. As such, users faced various threats related to the event, making it one of the most widely used social engineering hooks this quarter.
“The findings from the latest results point to several online vulnerabilities within our daily lives, especially with cyber criminals leveraging popular global events to lure and exploit people,” Falinski adds.
“This provides further evidence that people need to be more aware of how to avoid such online dangers and protect themselves from cyber threats like malicious links, phishing schemes and malware.”