31 Aug 2016

NZ companies facing 'very sophisticated' cyber-attacks

3:40 pm on 31 August 2016

New Zealand companies are being warned they are as vulnerable to cyber-ransoming as any other global company, with an "onslaught" of malicious hackers.

Computer keyboard

Photo: 123RF

Cyber crimes, and cyber-ransoming in particular, are on the rise in New Zealand, according to the GCSB.

In a cyber-ransoming attack, a company or individual's online files are locked down, and a ransom demanded for access to be restored.

Robert Harris is a New Zealander working in the United States for the company LP3-SecuriT, which helps companies of all sizes defend against, or respond to, cyber attacks.

He said hackers did not care "who you are, where you are" or what you did.

"To them you're just an IP address and if they can penetrate your network, once they're in there, they'll go as far as they can with the sophisticated devices they've got.

"It's changed a lot from the days when you've got the kids in hoodies trying to cause chaos, the cyber attacks are very sophisticated now - and it's really not a matter of if, but when, you're going to get breached."

Mr Harris said New Zealand companies could be even more vulnerable than those in countries with a high awareness of the need for cyber security.

"It's occurring absolutely everywhere. This year we've had cases where we've had to work in London, Italy and Germany."

In the US there was a "don't pay" policy, and companies were encouraged to contact the police or the Federal Bureau of Investigation (FBI) immediately.

Mr Harris said a certified cyber security firm could often help restore the system and, even if money had been paid over, if it was still within 48 hours, the FBI could often retrieve the funds, even it had been to paid to hackers in countries like China or Russia.

And while the problem was very prevalent, he said, it was hard to gauge the true extent, because often companies were reluctant to report it.

"And that's for very good reason, we're involved with the FBI at the moment where we're doing a forensic analysis with two companies that were breached, because it involved overseas hackers."

Many companies, he said, were reactive rather than proactive, often because they were unaware of the need for cyber security.

Mr Harris said ransomware attacks can be "very, very expensive".

"The latest statistics are that one health record costs a company approximately $US398, so doing some simple maths, if they get a few thousand records, that's an awful lot of dollars."

Symantec is another company that provides cyber security protections.

Technology strategist Mark Shaw said while ransomware had been around for a while, there had been a "significant resurgence" in the past few years.

There had been concerted efforts to target businesses, he said.

"While it takes a lot more effort to target a business, to find vulnerabilities, in their public facing, internet presence, the pay back is significant.

"If they can infect thousands of machines, rather than one or two machines, they can of course demand a higher ransom."

Mr Shaw said traditionally ransomware attacks had been on desktop PCs and laptops, but they were now targeting phones, and in one case even smart TVs.

NetSafe executive director Martin Cocker said his organisation also discouraged people from paying ransoms.

"You're paying a criminal to give you your own data back, those cyber criminals are using that money to fund further cyber crime and all sorts of things that you would much rather not see your money put into."

He said even if a ransom was paid, there was no guarantee someone would get their files back.

Some ransomware could be worked around and if the files were backed up, there could be other options, Mr Cocker said.

Get the RNZ app

for ad-free news and current affairs