Managing Cyber Threats

Cyber security threats were on the rise prior to Covid-19, with high-profile cases including 339 cyber security incidents of national significance recorded by the National Cyber Security Centre in FY1[1], 38% linked to state-sponsored computer network exploitation groups, 17% detected after systems were compromised:

• 2019 – Ministry for Culture & Heritage

• 2019 – NZ Treasury

• 2017 – 2019 – NZ Transport Agency

However the Covid-crisis has seen an increase in threats[2] which may have several drivers[3]:

• Espionage actors operating for governments with economic interests at play or increased geopolitical tensions;

• Reduced spending from consumers means groups that traditionally go after credit card details need to find new income sources;

• Organised crime groups likely see this as an opportunity to target organisations in desperate situations; 

• Most high-profile ransomware operations are run as affiliate programmes, which has triggered a growth in the number of actors and affiliates who participate in their programmes. Ransom demands (and therefore revenues) are growing, encouraging other actors to enter the market;

• Opportunistic reconnaissance identifying vulnerabilities, possibly related to rapidly stood up remote working practices.

The latest target - NZX compromised for a week. 

Experts in cyber security and payments consider New Zealand’s security landscape immature, and therefore very vulnerable[4].

 The likelihood of threats becoming reality has also risen due to increased working from home and related risks for access to a company’s network,[5]:

• Temporary workplaces and home offices set up during the time of COVID-19 related lockdowns often don't have the same level of protection as the office;

• The internet connection at home is not secured to the same extent as an enterprise network, including uncontrolled and poorly informed network users;

• Highly emotive information, offers and surveys which are in reality cyber-criminal activity and scamming emails;

• Staff working from home don't have the option of asking colleagues across the office whether the contents of an email or identity of a sender could be trustworthy.

Organisations affected by cyber security breaches suffer significant consequences, which can include:

• Reputation and customer confidence: funding, customer participation and revenue

• Productivity: costs, investments

• Operational disrupt: damage to economy, property, personnel and customer health and safety

• Asset loss: data, digital assets

ICG has developed a cyber security audit program based on global best practice, which provides a comprehensive view of threats, their drivers and potential roadmap to security for councils, SOE’s, Departments, Ministries  and related entities such as key suppliers (see illustration above for our framework).

Depending on organisation complexity the audit and reporting can be performed in as little as 4 weeks, providing organization leadership and ICT management with a clear view of threats, mitigating actions and a risk-weighted plan.  Key recommendations include:

• Current and future target risk and maturity profile

• Security practice size/shape

• Risks and opportunities for customer facing, business network and control systems

• Governance opportunities

• Education and training opportunities

• Changes to current security footing as it relates to the environment

• End user enablement policies in areas such as mobile phone use, authentication, cyber education, etc.;

• Infrastructure and software planning; business continuity and disaster recovery;

 Recent client feedback on ICG’s Cyber Security Audit Program from a NZ local council CIO: “I have found (ICG’s consultant) work to be outstanding.”

Contact ICG for a confidential discussion on your situation and program alignment.

Marc Potter                                                                Chris Ward

CEO                                                                             Senior Cyber Security Consultant

marc.potter@internalconsulting.com                       chris.ward@internalconsulting.com

+64 027 4433 867                                                              +64 021 975 323

[1] www.ncsc.govt.nz/newsroom/cyber-threat-report-for-201819-released/

[2] itbrief.co.nz/story/trend-micro-covid-19-related-malware-and-spam-on-the-rise

[3] www.pwc.co.uk/issues/crisis-and-resilience/covid-19/why-an-increase-in-cyber-incidents-during-covid19.html

[4] www.nbr.co.nz/story/hackers-target-online-shops-covid-drives-sales?utm_medium=email&utm_source=NBR%20Today

[5] securitybrief.com.au/story/cyber-criminals-continue-to-capitalise-on-covid-19

Internal Consulting Group provides unbundled advisory services to private and public organizations across Asia Pacific, North America and Europe.  With an accredited professional membership base of 4,500  ICG operates a responsive high-capability model with significant value for clients.  

 In ICG New Zealand has completed a wide range of engagements for government and private sector clients: