The Ministry of Business, Innovation and Employment have distributed a statement on behalf of Government Cybersecurity Agency CERT NZ warning that there has been a surge of sophisticated malware attacks impacting everyday New Zealand as well as organisations of all sizes.
CERT NZ indicate they have received intelligence from one of its international partners that approximately 800 New Zealanders have been affected by this malware.
The attacks typically consist of a combination of malware – starting Emotet – which infects computer systems when a person clicks through a malicious email (known as a phishing attack). In many cases the computer will then be controlled remotely by cyber criminals and ultimately deliver a payload like Ryuk which blocks access to an organisations precious data.
Other functions of the malware includes the transmission of the malware to all the contacts in your address via email.
“The tricky thing is these malicious emails often don’t come from spam email addresses, which is usually a sign that an email is suspicious,” says CERT NZ’s Deputy Director, Declan Ingram.
Ingram continues, “As the cyber attacker has access to someone’s contact list, the email is sent from a person you know and could even be interspersed into an email conversation thread you’re having with them, making them hard to identify. That’s why it’s extremely important to have up-to-date antivirus software on your computer.
“It’s also worthwhile picking up the phone if you receive an email out of blue from someone you know which contains a web link on or attachment to double check if it’s the real deal.”
Paul Spain, Chief Executive and Futurist at Gorilla Technology highlights that this type of malware can lead to damage that will ultimately destroy some organisations and lead to heavy recovery costs for others. International evidence indicates recovery costs of over US$1million is not out of the question.
“As a country, we can’t afford to be complacent about cyber security. Computer viruses and malware should be compared to COVID-19 – except as a country, there is no quarantine barrier between us and the rest of the world. Every organisation that is connected to the internet is at a high level of risk if they haven’t put in place adequate protection mechanisms” says Spain.
Whilst there’s no 5 minute fix for cyber risks, here are four things that Spain advises every organisation should be ensuring are in place right now:
1. Cyber Awareness Training
Ongoing training of all staff in what to look out for and how to avoid being tricked by a malicious email or other tricks from cyber criminals will be helpful in reducing risk.
2. Phishing Testing
Carrying out regular ‘phishing testing’ exercises which involve sending staff emails that are very close to those send by cyber criminals. These exercises help educate staff – and highlight areas where additional training needs to be focussed.
3. Multifactor authentication
Putting in place multifactor authentication across key systems is another key to keeping systems protected. Similar mechanisms have been in place for many years to protect bank accounts.
4. Software Updates
Whilst most organisations understand the importance of backups and antivirus software, there are still a surprising number who do not ensure all computers have their software kept up-to-date. This is critical in avoiding unnecessary risks.
Finally, Spain advises that organisations who are unsure of their risk profile from a Cyber Security perspective should engage in an audit to find out where they are what they need to do to reduce cyber risk.