Cybersecurity incidents in NZ for the 4th quarter of 2021
This is a look at the Quarterly Security Incidents report by CERT NZ.
The report can be found online, check out the references section.
Results are not surprising, an increase in Incidents. By a large amount when compared to the same period last year.
What’s surprising are the results, Year over year, an increase of almost 100% versus last Q4.
Interestingly enough, the most reported Incident category was “malware”. Which is very concerning, given that the circumstances under which these malwares were identified are not disclosed. Hopefully they have been picked up by antimalware or another security control before they were executed.
Phishing was the second most reported incident category. Also makes you wonder what is included under “phishing”.
Lastly, there was an important note on the Flubot campaign for mobile devices making the rounds in the ANZ region.
Flubot is a malware spread through SMS that has the user install a malicious application which can propagate itself through the victim’s contact list and will steal banking and personal information from infected device.
Quoting CERT’s report:
In Q4, Flubot made up two-thirds of the 1,707 malware incidents reported to CERT NZ. Flubot (which we covered in Q3 2021) began affecting New Zealanders in September. It was sent through text messages containing a malicious website link that if clicked on, downloaded malware to the recipient’s phone. Reports of Flubot spiked in the first part of Q4, with a total of 1,107 reports across the quarter.
More details on the flubot campaign were made available by the Australian government, in their page.
Follow me on twitter: Camillo (@iamcamillo) / Twitter
Learn more about my Cloud and Security Projects:
Thank you for reading and leave your thoughts/comments!