15 Jun 2020

Hackers targeting working from home security flaws - CERT

8:11 pm on 15 June 2020

Cyber criminals are targeting companies with employees working from home, with remote access in many cases lacking sufficient security.

Hacker working on hacking some information. Cyber scam. 13 November 2018

File photo. Photo: 123rf.com

There has been a series of high profile cyber attacks on remote access software in recent weeks, with companies including Honda, Lion and Fisher and Paykel Appliances targeted.

The Computer Emergency Response Team (CERT) supports those who are affected by cyber attacks.

Its deputy director Declan Ingram said although the number of attacks was steady, ransomware attacks were more common.

"Unfortunately the attackers of the world have also adapted in changing the way they are compromising organisations," he said.

"We are seeing attackers utilising this remote access software to actually get inside the networks of the organisations they want to attack. Once they have that access, they are using that to lock and disable the systems then they are asking for money in order to re-enable those systems so the organisations can continue to operate."

Ransomware is a type of malicious software that stops a user from accessing their files or computer system unless they pay a ransom. It can be accidentally downloaded from emails or messages, or a person can be persuaded to download it, for example by someone on the phone pretending to be from a well-known organisation.

Ingram said just like other business disruptions, the impact of ransomware varied from case to case.

"Attackers don't typically target specific sectors or businesses, instead they're more likely to be financially motivated.

"An attacker that is trying to spread ransomware to make money is going to target computers that are easy to attack, for example computers that are aren't up-to-date," he said.

CERT said it did not recommend that businesses pay ransoms because there was no guarantee they would get their files back.

The National Cyber Security Centre operates within the GCSB to help protect New Zealand organisations of national significance from primarily state sponsored cyber security threats.

The centre said it had received regular reports from international partners showing an increase in malicious cyber activity internationally during the pandemic.

It had seen similar malicious activity in New Zealand such as Covid-19 themed phishing campaigns, but no specific cyber Covid-19 threats compromising New Zealand critical infrastructure.

Get the RNZ app

for ad-free news and current affairs