Cyber-attacks are on the rise around the world and unfortunately New Zealand is not immune to this problem.

According to the annual National Cyber Security Centre threat report, released on 16th November 2021, there were 404 cyber security incidents "with a possible national impact, or affecting Aotearoa New Zealand’s nationally significant organisations."

The report further states how this increase in cyber-threats, "reflects the harm caused by ransomware and extortion campaigns. This activity increasingly targets critical service providers and organisations with no tolerance for extended periods of disruption." All of this took place within the 2020-21 financial year.

Lisa Fong, director of NCSC (National Cyber Security Centre) has said, “We have seen a sharp increase in recorded criminal activity (27%) in the past year, which is a jump from 14 percent last year. This is a trend that has been reflected in public reporting of high-profile cases of disruptive ransomware and denial-of-service attacks affecting New Zealand private and public sector organisations.

“Malicious cyber actors are increasingly using automated scanning to identify cyber security vulnerabilities, with actors returning to select high-value targets to exploit. Criminal actors will typically look to disrupt critical services and publish stolen material to the internet and to media outlets in an attempt to apply further pressure on a victim to expedite their extortion demands.”

Thanks to the NCSC’s efforts, an estimated $119 million worth of harm to nationally significant organisations was prevented during this period.

In a typical month, the NCSC detects at least 13 cyber intrusions that would affect one or more organisations.

What is more worrying is that the trend of increased cyber-attacks shows no signs of stopping or slowing down. In fact, it is becoming easier for malicious actors to get their hands on the resources needed to conduct these types of attacks.

Lisa Fong said, “It is becoming increasingly difficult to distinguish between state and criminal actors, particularly in cases where we are able to intervene early, but also because the line between state and criminal is becoming increasingly indistinct. State actors sometimes work alongside or provide havens for criminal groups, and we are increasingly seeing criminal groups now using capabilities once only used by sophisticated state actors.”

There have been a number of cases where such attacks have led to general chaos and disruption both in New Zealand and abroad. For example, in May of this year, a ransomware attack brought the services of DHB's to a complete standstill. It took days before the hospitals were able to get their IT services up and running again, causing significant delays in some processes, and hospitals were forced to conduct everything manually.

Also, back in early September this year, cyber-attacks left ANZ, Kiwibank, New Zealand Post, Inland Revenue and Metservice experiencing blackouts. Bank customers weren't able to do their banking on the internet and some people reported being locked out of their accounts altogether.

But just as malicious actors can get the resources to attack, so too can we get the resources to protect. People say that knowledge is power, so let us look into how these attacks work and what we can do to protect ourselves.

How the attacks work

One of the most common forms of cyber-theft is the use of ransomware. A ransomware attack is when a malicious actor gains access to your machine/network (for example, by getting you to click on a link disguised as something harmless like a special discount or confirmation for a package delivery or a prize) and then infect the machine(s) with a program that encrypts all the files in your computer. They then hold your files as ransom, telling you to pay them a certain amount of money within a time limit. If you don't pay, you risk having the files encrypted forever, and never being able to access them again.

On 22 November, the Otago Daily Times reported on how a business (not named for security reasons) had their computer systems, telephone and commercial data taken out and how the business ended up having to pay the ransom demanded by the hackers, in order to restore their systems.

Other types of cyber-attacks include: Malware (malicious software), the most common type of cyber-attack, is where a program or code is made to harm a computer or server; DoS (Denial of Service and DDoS (Distributed Denial of Service) Attacks, where a network is flooded with false requests, making users unable to perform tasks like opening emails, logging in to websites or accounts or any other online service; and Phishing attacks, where a potential hacker uses social engineering techniques to manipulate a victim to share sensitive data. This could be done via email, SMS, social media or other means.