Ransomware incidents continue to rise

CERT NZ’s latest report shows that ransomware incidents are on the rise.

16 September 2021

The Quarter Two (Q2) report, which highlights New Zealand-related cyber security trends between 1 April to June 30, shows there were more than 1,350 cyber security incidents responded to by CERT NZ, with almost $4 million in direct financial loss.

Of the reports received, ransomware showed a significant spike (from 12 in Q1 to 30 reports in Q2), followed by unauthorised access. The number of phishing and credential harvesting reports dropped by 5% from the previous quarter, however remains the most reported incident category type.

Ransomware is a type of malicious software that attackers use to usually target business and organisations. The aim is to access the computers and systems to encrypt files, and then demand a ransom to have them recovered.

“These types of attacks can result in data loss and significantly impacted operations as the affected organisation often has to go offline to recover systems and files,” says CERT NZ Director Rob Pope.

It may seem that meeting the attacker’s demands is the quickest way to get back and running, however CERT NZ strongly recommends not paying the ransom.

“Paying the ransom does not guarantee that your files will be recovered and if an attacker sees you are willing to pay, it may also open you up to future attacks,” says Mr Pope.

“If you believe you have been a target of ransomware, isolate your machines by disconnecting cords and router, seek the assistance of an IT provider, and please report the incident confidentially to CERT NZ – we’re here to help.” 

The Q2 report unpacks recovery and prevention steps for ransomware, and also looks at other incident types from the quarter. These include brute-force attacks[1] on internet-enabled devices and a spike in cryptocurrency-investment scams, and advice on how to protect from them.

“As with every cyber security incident, we work hard to quickly offer New Zealanders actionable steps for prevention and mitigation. Keeping New Zealanders informed of the risks that are out there, and empowering them to step up their defences is central to our role in building a cyber-resilient New Zealand,” says Mr Pope.

[1] Brute force is a method cyber attackers use to repeatedly guess passwords to access online accounts and internet-enabled devices. 

Q2 Highlights report and the Q2 Data Landscape report