CERT NZ’s latest quarterly report says reported financial losses in Q4 totalled $5.9m, almost double the losses reported in Q3.
Eight incidents involved losses of $100,000 or more and accounted for $5.3m Of these six involved scams and fraud, including two invoice scams affecting businesses, one involved unauthorised access and one involved malware.
New Zealanders lost more than $14m to cyber security issues in 2018, over $8m to scam and fraud, and reports of these made up half the total.
CERT NZ said it saw increasing sophistication of email extortion scams — threat-based emails that try and trick people into paying money to make the threat go away — in the three months to December 2018.
CERT NZ received 1,333 incident reports in the quarter, a 56 percent increase from quarter three. Seven hundred and eighty three reports came from individuals in quarter four, a 130 percent increase from the previous quarter.
CERT NZ said some attack categories such as botnet traffic, command and control server hosting and denial of service reports remained consistently low through Q4 and throughout 2018. Each of these accounted for less than one percent of reports. However, CERT NZ was unable to assess whether these incidents were not happening in New Zealand as frequently, or whether they were not being reported.