2018 Report Summary
The CERT NZ 2018 summary gives an overview of what we’ve seen and done in 2018. It includes key figures about reports, incident types, financial loss, and vulnerabilities. It also highlights what we've been doing to improve cyber security in New Zealand.
What we've seen
In 2018, incidents reported to CERT NZ increased by 205%. These reports were received from individuals, small businesses and large organisations from all over New Zealand.
Top incident categories
The top three incident categories for 2018 were also the highest in 2017.
1,550 Phishing and credential harvesting reports
1,136 Scam and fraud reports
303 Unauthorised access reports
18% of reports made to CERT NZ had some form of financial loss with a total value of $14 million.
Over $8m of this loss was attributed to scam and fraud reports.
65% of the reports of financial loss affected individuals.
Vulnerability reports present a chance to prevent a cyber security incident before it occurs. Vulnerabilities reported to CERT NZ have ranged in severity and complexity.
124 vulnerabilities were reported to CERT NZ in 2018, 22 were managed under our coordinated vulnerability disclosure service.
Websites and web servers accounted for over 60% of vulnerability reports made to CERT NZ in 2018.
What we've done
Get Cyber Smart
Get Cyber Smart is CERT NZ’s primary platform to reach everyday Kiwis. In 2018 we worked with 95 partners who helped us reach more people than ever before.
In 2018 we contributed to the national and global cyber exercise programme, contributing to and participating in four cyber exercises which help us test our national and international ability to respond to cyber security incidents.
Advisories are our early warning system for New Zealanders. We triage incident reports we receive, and information about international cyber threats to get timely, actionable advice out to New Zealanders so they can protect themselves online.
We published 16 advisories in 2018.