The National Cyber Security Centre (NCSC) in New Zealand has recently published its Cyber Security Insights Report for the third quarter of 2024, shedding light on the alarming increase in cyber incidents across the country. According to the report, there has been a significant 58% surge in reported cyber incidents compared to the previous quarter, with a total of 1,905 incidents recorded.
While the spike in cyber incidents may raise concerns, the NCSC views it as a positive indicator of the growing awareness among businesses and individuals regarding the importance of cyber security. The rise in incident reporting signifies a heightened commitment to safeguarding personal and organizational digital assets from potential cyber threats.
The report identifies phishing and credential harvesting attacks as the most commonly employed tactics by cybercriminals, with these types of incidents experiencing a 70% increase in the third quarter of 2024. These attacks, often involving deceptive links or websites used to steal sensitive information, pose a significant threat to both individuals and businesses.
Key trends highlighted in the NCSC report include a doubling of unauthorized access incidents, indicating a growing focus of attackers on targeting business and personal networks. Additionally, Adversary-in-the-Middle (AitM) phishing attacks, which bypass traditional security measures by compromising session cookies, have become a rising concern.
Furthermore, the report discusses the emergence of dynamic CVVs as a new technology aimed at combating online fraud. This advanced security feature generates one-time codes for cardholders during online transactions, offering enhanced protection compared to traditional static CVVs.
With the holiday season approaching, the NCSC has issued warnings about common scams designed to exploit unsuspecting consumers. As online shopping activities increase, the NCSC advises individuals to remain vigilant and seek advice on recognizing and avoiding scams through their Own Your Online website.
Despite the surge in reported cyber incidents, the financial losses associated with cybercrime decreased by 19% in the third quarter of 2024, totaling $5.5 million in direct losses. However, it is essential to note that 25% of all reported incidents still resulted in some form of financial loss.
The breakdown of cyber incidents in the third quarter of 2024 shows that phishing and credential harvesting attacks remain the most prevalent, accounting for 43% of all reported incidents. Other common categories include scams and fraud (31%), unauthorized access (16%), website compromise (6%), malware (3%), ransomware (2%), botnet traffic (1%), and others (10%).
The NCSC’s Phishing Disruption Service (PDS) has played a crucial role in combating cybercrime by collecting, analyzing, and blocking phishing links reported by the public. During the third quarter of 2024, the NCSC processed over 20,500 phishing indicators, with more than 6,200 added to the PDS database.
Overall, the NCSC emphasizes the importance of implementing strong security practices, such as multi-factor authentication, regular software updates, and advanced threat detection systems, to combat the evolving strategies of cybercriminals. As cyber incidents continue to rise in sophistication, enhanced cybersecurity measures are essential to safeguarding organizations and individuals against potential threats.