Story image

Businesses beware as malicious URLs in NZ pass 60,000 mark…

13 Aug 14

Over 3.3 million malicious URLs were clicked in New Zealand in the second quarter of 2014, up from 2.3 million in Q1, according to Trend Micro’s Q2 security roundup report.

The report, titled “Turning the tables on cybercrime: responding to evolving cybercrime tactics,” showed malware continued its prevalence in Q2, with the number of malware detections hitting more than 1.3 million in New Zealand, rising from 1.2 million in Q1.

Trend Micro threat researchers also found more than 63,000 malicious URLs were hosted in New Zealand throughout Q2 while the average number of spam-sending Internet Protocols (IPs) per month reduced to less than 1 million this quarter across the country.

At its highest however, there were 1.3 million spam-sending IPs in New Zealand in a month.

“The increase in malicious links being clicked on by New Zealanders in Q2 shows a clear need for continued consumer education on personal security to ensure people remain protected against these ever-evolving threats,” says Tim Falinski, Director, Consumer ANZ, Trend Micro.

“Consumers need to be aware of not just what they’re clicking on, but also what’s happening with their own personal data.

“For example, what retailers and businesses are doing with it. This often means asking more questions and reading the fine print, which requires a change in mindset for many people.”

Falinski claims cyber threats, data breaches and high-risk vulnerabilities continued to dominate the first half of 2014 with the severity of these attacks intensifying against banks and financial and banking institutions as well as retailers outlets.

Total attacks have exposed more than 10 million personal records around the world as of July 2014 and strongly indicate the need for organisations to adopt a more strategic approach to safeguarding digital information.

The incident attacks in the second quarter affecting consumers personal information included theft of data such as customer names, passwords, email addresses, home addresses, phone numbers, and dates of birth.

These types of personal privacy breaches have affected retail sales and business earnings while leaving customers unable to access personal accounts and dealing with service disruption.

As of July 15, 2014, more than 400 data breach incidents have been reported globally, creating the need for organisations to identify and understand their core data in order to protect and build an effective defence strategy to keep them and their customers secure.

As a first step, Falinski believes organisations need to determine which information they regard as “core data” before devising a plan on how to protect it.

Notable findings of the report include:

• Critical vulnerabilities created havoc among information security professionals and the public: High-risk vulnerabilities affected various components of Internet browsing and Web services, including server-side libraries, operating systems, mobile apps and browsers.

• Escalation in the severity and volume of attacks: The severity of attacks against organisations highlighted the importance of incident response planning and organisation-wide security awareness.

• Cybercriminals counter online banking and mobile platform developments: Deployment of mobile ransomware and two-factor authentication-breaking malware has emerged in response to technological developments in the online banking and mobile platforms.

• Digital Life and Internet of Everything (IOE) improved way of life with emerging vulnerabilities: The 2014 FIFA World Cup held in Brazil was one of the most popular sporting events in recent history, based on online engagement and activity. As such, users faced various threats related to the event, making it one of the most widely used social engineering hooks this quarter.

“The findings from the latest results point to several online vulnerabilities within our daily lives, especially with cyber criminals leveraging popular global events to lure and exploit people,” Falinski adds.

“This provides further evidence that people need to be more aware of how to avoid such online dangers and protect themselves from cyber threats like malicious links, phishing schemes and malware.”

MulteFire announces industrial IoT network specification
The specification aims to deliver robust wireless network capabilities for Industrial IoT and enterprises.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
Schneider Electric's bets for the 2019 data centre industry
From IT and telco merging to the renaissance of liquid cooling, here are the company's top predictions for the year ahead.
China to usurp Europe in becoming AI research world leader
A new study has found China is outpacing Europe and the US in terms of AI research output and growth.
Google says ‘circular economy’ needed for data centres
Google's Sustainability Officer believes major changes are critical in data centres to emulate the cyclical life of nature.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.