Trending

ee-track">
Link copied!

NCSC Q3 2024 Report Highlights Cyber Incidents Surge By 58%, Highlighting Cyber Threats to New Zealand

The NCSC’s Cyber Security Insights Report for Q3 2024 shows 1,905 incidents, a 58% rise, with phishing and credential harvesting attacks up by 70%.

December 11, 2024 · 3 min read
NCSC Q3 2024 Report Highlights Cyber Incidents Surge By 58%, Highlighting Cyber Threats to New Zealand

Overview

New Zealand’s National Cyber Security Centre (NCSC) has revealed its Cyber Security Insights Report for Q3 2024, offering a detailed overview of the cyber threats impacting New Zealand. The third-quarter report highlights an increase in cyber incidents, providing a deeper understanding of threat actors targeting individuals, businesses, and organizations across the country.

According to the NCSC’s Cyber Security Insights Report, the number of reported incidents surged to 1,905 in Q3 2024, marking a 58% increase compared to the previous quarter. While this rise might initially seem disconcerting, the NCSC noted that such an increase is actually a positive development. It reflects more New Zealanders and businesses taking proactive steps by reporting cyber incidents, thereby contributing to the country’s overall security posture.

The report stresses several key trends, with incidents of unauthorized access almost doubling. Additionally, phishing and credential harvesting incidents jumped by 70%, illustrating the heightened efforts of cybercriminals trying to trick victims into clicking malicious links.

Overview of the NCSC’s Cyber Security Insights Report

The NCSC’s report highlighted various online threats that New Zealanders faced in Q3-2024. Threat Actors have increasingly targeted routers, attempting to break into home and business networks.

Another threat identified is the Adversary-in-the-Middle (AitM) phishing attack, which compromises session cookies to bypass traditional security measures. Furthermore, the report introduces dynamic CVVs—a new technology aimed at curbing online fraud and offering more security for card transactions.

As the holiday season approaches, the NCSC also warns of common scams designed to steal personal information and money. New Zealanders are encouraged to visit the NCSC’s Own Your Online website for additional guidance on recognizing and avoiding these scams.

report-ad-banner

Financial Impact and Incident Breakdown

The NCSC’s analysis of financial losses in Q3 2024 reveals a 19% decrease compared to the previous quarter, with reported direct financial losses totaling $5.5 million. However, 25% of all incidents reported still resulted in some form of financial loss.

A closer look at the types of incidents shows that phishing and credential harvesting continue to be the most prevalent types of cybercrime. These incidents accounted for 43% of all reported incidents. Other categories include scams and fraud (31%) and unauthorized access (16%).

Here is the breakdown of incidents by category for Q3 2024:

Incident CategoryIncident CountPercent Change from Q2 2024
Phishing and Credential Harvesting823+70%
Scams and Fraud596+37%
Unauthorized Access300+80%
Website Compromise56+65%
Malware29+61%
Ransomware13+86%
Botnet Traffic4+300%
Suspicious Network Traffic2-50%
Denial of Service1-75%
C&C Server Hosting10%
Attack on a System00%
Other80+63%

Phishing Disruption Service: Combatting Cybercrime

The Phishing Disruption Service (PDS), a free service provided by the NCSC, continues to play an important role in protecting New Zealanders. By collecting and analyzing phishing links reported by the public, the NCSC actively publishes verified phishing indicators for organizations to block. In Q3 2024, the NCSC processed over 20,500 phishing indicators, with more than 6,200 of those being added to the PDS.

In Q3 2024, postage and shipping services were the industries most commonly impersonated by phishing scammers, reflecting an increasing trend in scams targeting the e-commerce and logistics sectors.

Conclusion

The NCSC Q3 2024 report highlights 98 incidents affecting national organizations, ranging from minor to notable in severity. No incidents are categorized as highly national emergencies.

The rising number of cyber incidents emphasizes the need for improved cybersecurity measures as cybercriminals adapt their tactics. Phishing attacks and unauthorized access continue to be prominent threats, highlighting the importance of strong security practices like multi-factor authentication and advanced threat detection.

References

AI Threat Intelligence

Stop Executive Threats
Before They Strike

Monitor dark web chatter, detect lookalike domains, and protect your C-suite from targeted impersonation — in real time, across 50+ countries.

Scroll to Top

Book your session

Request a Personalized Demo

See how Cyble's threat intelligence protects your organization. A specialist will reach out within one business day.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams

Download the brochure

Get the Cyble Vision Brochure

Explore how Cyble Vision delivers AI-powered threat intelligence across your attack surface. Fill in your details to access the brochure.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams