Cyber attacks and scams are increasing in number and sophistication,” says CERT NZ Director Rob Pope.
“Research tells us that around one in five New Zealanders experience a cyber attack of some kind and almost two thirds of online users are very concerned about the security of their information.”
Since CERT NZ was established in 2017, New Zealanders have reported more than 20,000 cyber incidents with direct financial losses of more than $60 million.
“Although the numbers are daunting, the upside is there are simple things we can all do that will make a big difference to our security online and help protect us from the vast majority of attacks,” Mr Pope says.
“Our research shows that while many New Zealanders have an understanding of cyber security, many New Zealanders still need to take action to stay secure.”
This Cyber Smart Week (18 – 24 October), CERT NZ is challenging New Zealanders to take five minutes each day to complete the following simple steps:
1. UPSIZE your passwords
Upsizing your passwords is one of the best ways to Cyber Up and protect yourself online.
CERT NZ recommends using long and strong passwords as they are much harder for attackers to crack. We recommend creating a passphrase, that’s a string of four or more words as it’s easier to remember and is stronger than a random mix of letters, numbers and symbols.
Try using four or more random words like, caption silence yacht Christmas
It’s also important to use different passwords on each account. If an attacker gets hold of one of your passwords, they can’t get access to all of your other accounts. It also means you only have to change the password for that one account. And using a password manager is an easy way to protect yourself online — and you’ll only need to remember one password for all your online accounts.
Five Minute Challenge: Start by upsizing the passwords on your bank, email and social media accounts.
2. UPGRADE to two-factor authentication
Upgrading to two-factor authentication (2FA) adds another layer of security to your accounts. You may have seen this on sites like Facebook or Twitter.
It’s a simple extra step after you log in, like using your thumb print or entering a code from an authentication app. You can enable 2FA on most of your online accounts, and your devices. You’ll usually find the option to turn it on in the privacy settings.
Five Minute Challenge: Upgrade the security on your bank, email and social media accounts by turning on 2FA where possible.
3. UPDATE your apps and devices
Updating your apps and devices helps keeps bugs and viruses out. Updates not only add new features, they also fix security risks that attackers can use to gain access to your information.
When a company releases an update for an app or operating system it could mean attackers are already trying to exploit weaknesses, so you need to act quickly. CERT NZ recommends setting updates to happen automatically whenever a new version is available.
Five Minute Challenge: Start with your phone, go to settings and see if you need to update any apps or operating systems. You can usually search your phone for “update” by swiping downwards on any part of the home screen to bring up a search bar.
4. UPHOLD your privacy
Take control of the personal information you share online and uphold your privacy. CERT NZ recommends checking your social media settings and check the sharing options for your personal details are switched to ‘Friends only’. Also check that any requests for personal information are legitimate before you share your details.
If a company or business asks you for information, think about why they might need it. Do they really need your middle name and phone number? If you’re not sure, don’t provide the information
Five Minute Challenge: Check your favourite social media account’s privacy settings to see if you’re comfortable with the level of information you’re sharing.
Statistics: (source: Online Safety and Security Survey 2020)
|Statement||% of NZ population|
|I am very concerned about online security||60%|
|I have experienced one or more cyber attacks in past 12 months||21%|
|I have an extremely/reasonably good understanding of cyber security||45%|
|I have no real knowledge of cyber security||20%|