Quarter One Report 2019
CERT NZ’s Quarter One Report provides an overview of the cyber security incidents reported from 1 January to 31 March 2019. It also offers advice on how to prevent or mitigate these incidents.
This quarter, CERT NZ received 992 reports. This is the second highest number of incidents reported in a quarter to date. These incidents show that everyday New Zealanders and organisations continue to be affected by cyber security issues.
Some examples include:
- Both organisations (61%) and individuals (39%) experienced direct financial loss
- 96 reports of unauthorised access, the highest number in a quarter to date
- Email extortion campaigns make up 50% of all scam and fraud incidents.
Results by numbers
Number of incidents reported by quarter
We received 992 reports in the first quarter of 2019. This is the second highest number of incidents reported to CERT NZ in a quarter since its establishment.
Results by incidents
Breakdown of incident category
Phishing and credential harvesting, scams and fraud, and unauthorised access have consistently been the highest incident categories since quarter four, 2017.
Scam and fraud incidents
Scam and fraud incidents decreased in quarter one, to 33% of all reports received – down from 50% in quarter four 2018. Despite the decline in reports, financial losses experienced as a result of scams and fraud made up 80% of the total in quarter one.
The top three types of scam and fraud incidents in quarter one were:
- 53% email extortion scams
- 24% scams related to buying and selling goods online
- 6% invoice scams
CERT NZ expects to see these types of scams evolve, with new variants being introduced as people become aware of scammers' tactics.
Increasing number of unauthorised access reports
CERT NZ received the highest number of unauthorised access reports in a quarter so far, with a 19% increase on the previous quarter. Just over two thirds of these were about individuals.
Unauthorised access can be costly: in this quarter, 30% of incidents reported financial losses, totalling $329,000.
Attackers targeted a range of account types like online banking, social media, cloud services and email. They do this for financial gain and to collect private information about the account holders and their contacts.
Business email compromise
A common type of unauthorised access reported in quarter one was business email compromise.