IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Story image
Protecting New Zealand in the new cybercrime threatscape
Mon, 17th Sep 2018
FYI, this story is more than a year old

Most global organisations remain largely in the dark about the potential threats they face and the resulting impact.

This insight comes from Accenture's Cyber Threatscape Report 2018 and shows that too many organisations are still vulnerable to attacks, and not preparing for the worst.

Unfortunately, New Zealand's relative geographic isolation doesn't protect it from cyber attacks; the country's systems and IP are just as likely to come under attack as anywhere else.

New Zealand is also deeply integrated into the global digital environment, transforming the way people live, work and play.

New Zealand's businesses are digitally transforming, supported by good internet infrastructure, and immersed in a culture of innovation.

New Zealand's technology sector alone experienced revenue growth of 7.9% in the 2017 financial year and generated $7.3 billion in offshore revenues.

New Zealand organisations, just like their global counterparts, must keep an eye out for how cyber threats are changing – and adapt accordingly.

Cyber criminals are continuously networking, researching and testing out new tactics and procedures.

They are looking for new ways to disrupt operations, make money or spy on their targets, according to the report.

Therefore, organisations must be on the front foot, expanding their knowledge of potential threats and making the right investments.

They are not just directly attacking chosen targets with phishing campaigns and vulnerability exploitation; they are looking to reach their targets via the networks of third or fourth-party supply chain partners by exploiting weaknesses in less modern technologies, or by attacking Internet of Things (IoT) and Industrial Internet of Things (IIoT) technologies that were not originally designed with cyber defence in mind.

The convergence of information technology (IT) and operational technology (OT) is opening doors to adversaries to disrupt operations, deploy cryptomining malware, or to conduct deep-seated espionage operations.

Meanwhile, the number of nation-state-sponsored cyberattacks has grown, according to the report, and this is likely to continue.

New Zealand's National Cyber Security Centre found that in the past financial year, 122 cyber incidents were related to state-sponsored computer network exploitation groups.

Cryptomining

Another growing trend to be aware of is malware in cryptocurrency.

Miner malware rewards its operators with the cryptocurrency mined on infected hosts, with those victim systems potentially benefiting from rapid fluctuations in price.

Traditionally, miners have sought Bitcoin due to their currency's wide adoption among cyber criminals and legitimate businesses, but the report found a radical shift towards mining alternative cryptocurrencies, most notably Monero.

Ransomware

Ransomware continues to be the most prevalent form of attack to extort money from organisations.

Attacks against organisations doubled between 2016 and 2017, rising from 13% to 27% of reported incidents.

Cybercriminals are innovating their attack methods and diversifying their methods, using multi-functional ransom malware – encompassing secondary functionality such as minder malware or data exfiltration, to ensure a second layer of possible profitability.

Cyberattacks are becoming more complex, so now is not the time to be complacent or think it won't happen to an organisation.

The good news is, there are many tools and strategies organisations can use to manage this kind of risk:

  1. Firstly, organisations shouldn't feel they can only activate their incident response plans in the event of a breach. Now, the best approach is to adopt a continuous response model – always assume the organisation has been breached. Use incident response and threat hunting teams to look for the next breach  
  2. Expand a team's research capabilities, abilities to provide strategic insights and grow their use of cyber research tools and technologies  
  3. Build a data-driven approach fuelled by threat intelligence to better anticipate potential attacks and develop a more proactive security posture for businesses based on strategic, operational and tactical demands. One of the most effective ways to can ward off any attack is to think beyond the enterprise to the whole cyber ecosystem  
  4. Work with suppliers and partners around the world. Today, only about 39% of companies say the data exchanged with strategic partners or third parties are adequately protected by their cybersecurity strategy.

By analysing data, organisations can anticipate risk and adopt a more proactive approach and put in place robust defence strategies.

While cyber risks will never go away completely, there are plenty employees can do to protect an organisation's assets.

New Zealand's immersion in the global digital environment leaves it vulnerable to a myriad of ever evolving cyber crimes.

Therefore, organisations must increase their focus and investment in cybersecurity to ensure they are better protected and prepared.