New Zealand’s National Cyber Security Centre (NCSC) has released its quarterly Cyber Security Insights report for Q4 2024, documenting the handling of 1,358 cyber incidents, marking a 34 percent decrease from the previous quarter’s 1,905 incidents. The decline occurs as global trends show increasing mobile-based cyber attacks, suggesting evolving attack patterns.
The report indicates that serious incidents, defined as those affecting nationally significant organizations or having potential national impact, increased slightly to 100 from 98 in Q3. These comprised 20 minor, 59 routine, 17 moderate, and four significant incidents.
Attribution analysis revealed 21 incidents linked to state-sponsored threat actors, representing a 30 percent increase from Q3. Cyber criminals were responsible for 36 incidents, while 43 cases remained unattributed.
Financial impacts showed an upward trend, with direct losses reaching $6.8 million, up 24 percent from Q3’s $5.5 million. The quarter saw 17 high-loss incidents exceeding $100,000 each, totaling $4.7 million in losses—the highest quarterly figure recorded.
Scams and fraud emerged as the most frequently reported incident types, followed by phishing and credential harvesting. The latter category saw a notable 54 percent decrease, dropping from 823 to 381 incidents, though the pattern matches increasingly sophisticated phishing techniques that may evade traditional detection methods. Ransomware incidents decreased by 15 percent, with 11 cases reported, contrasting with the increasing severity of attacks seen globally, such as the recent major healthcare sector breach in the United States. DDoS attacks increased to five incidents, up from the previous quarter.
The NCSC’s operational services showed significant activity, with the Phishing Disruption Service publishing 995 indicators during the quarter, primarily targeting the financial services sector. The Malware Free Networks service disrupted over 162 million malicious threats and recorded 5,071 unique indicators, demonstrating the scale of automated threat detection and prevention capabilities.
“A decrease in numbers doesn’t mean there’s less cybercrime. We know cybercrime is underreported and we need your reports to better understand and respond to the threats New Zealand faces,” said Tom Roberts, NCSC Threat and Incident Response Team Lead. “When you report to us, we can alert other New Zealanders and help protect them from cyber attacks and scams.”
Sources: Cyber Daily, Scoop, National Cyber Security Centre News
Follow Us