Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Reported cyber incidents were down in the last quarter of 2024, but direct financial losses rose by 24 per cent, as state-based attacks were on the rise.
New Zealand’s National Cyber Security Centre (NCSC) released its quarterly Cyber Security Insights report this week, and while there appears to be some very good news, there’s some bad mixed in as well.
The NCSC dealt with 1,258 cyber incidents in the fourth quarter of 2024, which was down 34 per cent from the previous quarter, which peaked for the year at 1,905 incidents.
In particular, incidents involving credential harvesting and phishing dropped by an impressive 54 per cent.
Serious incidents – those that could affect “nationally significant organisations or with potential to cause national harm” – rose slightly, however, from 98 in the third quarter of 2024 to 100 in the fourth.
Of those, 20 were considered minor, 59 were routine, 17 were moderate, and only four were “significant incidents”. Thankfully, none of the incidents reported to the NCSC in the fourth quarter of 2024 were considered highly significant or a national cyber emergency.
Of these incidents, 21 were attributed to state-sponsored threat actors – a 30 per cent increase – 36 to cyber criminals, while 43 remain undetermined.
But the real damage was recorded in financial losses, which rose 24 per cent. New Zealand organisations lost $6.8 million in the wake of cyber security incidents in the fourth quarter, compared to $5.5 million in the previous quarter. Thirty-two per cent of reported incidents resulted in some form of financial loss.
Scams and fraud were the most reported forms of incidents, followed by phishing and credential harvesting, unauthorised access, website compromise, and malware, with ransomware coming in as the number six most reported incident.
There were 11 ransomware incidents handled by the NCSC, which is a 15 per cent decrease from the previous quarter.
On the other hand, the five distributed denial-of-service attacks reported to the NCSC represented a 400 per cent increase from the third quarter.
The NCSC’s Phishing Disruption Service – a free service that shares phishing indicators with organisations in New Zealand – published 995 indicators for the quarter. Financial services were the most impersonated sector.
Similarly, The NCSC’s Malware Free Networks service disrupted 162,018,985 malicious threats and recorded 5,071 unique indicators.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
