Quarter One Cyber Security Insights 2024

CERT NZ’s Quarter One (Q1) Cyber Security Insights report provides an overview of cyber security incidents impacting New Zealanders from 1 January to 31 March 2024

This quarter, CERT NZ responded to 1,530 incident reports about individuals and businesses from all over Aotearoa. This report shares information about these incidents as well as highlights examples of work CERT NZ is doing to help. There are two parts to the report:

A Highlights Report focusing on selected cyber security incidents and issues.

A Data Landscape Report providing a standardised set of results and graphs for the quarter.

A total of 1,530 incidents were responded to in Q1 2024.

2024 quarter 1 incidents graph

Phishing and Credential Harvesting remains the most reported incident category in Q1 2023 despite a 36% drop in the number of reports.

2024 quarter 1 incidents by category graph

Focus Area: Battling Breaches

Data breaches are a significant concern for organisations of all sizes and their clients and customers.

A data breach occurs when an unauthorised person gets access to information they shouldn’t have. This can include anything from names and email addresses to credit card details, passwords, and intellectual property.

How it happens

Data breaches can happen because of an intentional attack or unintended error.

  • Cybercriminals can exploit vulnerabilities in systems or networks to access your data.
  • Someone in your organisation may be targeted in a phishing attack and tricked into revealing important information, such as their login details.
  • Insider threats can be a source of a data breach. Anyone with authorised access could misuse their privilege or intentionally leak information.
  • Data can also be leaked through human error, such as in an email to the wrong person, or through misplaced or stolen devices containing sensitive information.


Effects of a breach

A data breach can affect your organisation in many ways.

Drum up your defences

Good security practice is your best defence against potential attacks. Add layers of protection around the data you store to protect it from those who try their best to get their hands on it.

Case Study: James and the Giant Breach

James* is the IT manager of a shoe and clothing store chain called Centipod*, which has 40 employees across eight stores in New Zealand. He is alerted to a post on an online forum threatening to sell his company data, with the attacker claiming that 10,000 records are available. James realises that someone has gained unauthorised access to the database of the store’s customers.

His next actions will be crucial in deciding how the company meets this challenge. James has had previous experience of a data breach and he takes the following steps.

Insight: A report on reports

Nearly all of CERT NZ's information comes from the general public – people like you.

When businesses and individuals report online incidents to us, we know what scam and malware campaigns are affecting New Zealand. In this way, every report not only helps you, but all Kiwi.

You can report any cyber incident confidentially. If you're locked out of your accounts, suspect you have been targeted in a scam, or if your organisation suffers a data breach, you can report it to us using the reporting tool on CERT NZ’s website. 

Handling reports

CERT NZ works with partner agencies, like the New Zealand Police, the Department of Internal Affairs, banks and telecommunication companies. If you need more help, and consent to it, we can forward your report to these agencies.

You don’t have to experience an incident online to talk to us. If you think you or someone you know is being targeted in a scam, CERT NZ can provide technical advice.

What’s happening behind the scenes?

Almost half of the reports we receive are about phishing. Domains and URLs that are verified as phishing links get listed on CERT NZ’s Phishing Disruption Service (PDS). Organisations such as cyber security service providers who are subscribed to the PDS can block access to these domains so no one in the organisation they serve can get to the sites.

CERT NZ also sends takedown requests to service providers that host these domains. Often, these providers are based overseas. If they comply with our request, the website gets taken down and can’t be used to scam other New Zealanders.

But we cannot stop online attackers from creating a new domain or website and starting over again. We are alerted to these new domains when you report to us and the cycle repeats.

Insight: A case for passkeys

You might have heard some of the most popular phone apps are switching to or enabling passkeys to make logging in easier and more secure.

Passkeys are a way of logging in without passwords. They use something you have (like a USB key or your phone), or recognise who you are with your face scan, voice or fingerprint, to let you into your account. You may already have apps on your phone, such as your digital wallet, that use this form of authentication.

What happened to passwords? 

Passwords are the most popular tool for authentication. But scammers are always trying to get their hands on them, and their jobs are made easier when people don't have strong passwords or use the same password for multiple accounts.

That’s where passkeys have an advantage. Passkeys are device-specific, and your data is not saved on a website server. So even if the website suffers a data breach, scammers can’t steal your credentials.

Are passwords history?

Not quite. Passwords are handy and if done right, they can be a strong line of defence. If you use long and unique passwords, attackers can’t brute force their way into your account. CERT NZ strongly advises enabling two-factor or multi-factor authentication on your most important accounts, such as banking, email and social media, to make them more secure.

Use two-factor authentication to protect your accounts External Link  Own Your Online

Most sites and apps that let you use a passkey also require you to have a backup password that helps you recover your account. Not all devices can perform face or fingerprint scans, or take external keys, so passwords remain the most common method of verifying user identity. CERT NZ has a guide on creating good passwords and protecting your online accounts.

Create good passwords External Link  Own Your Online

Sign up to the quarterly newsletter to receive CERT NZ’s reports and updates.