Blog

Industry must work together to slow the tidal wave of SPAM [media release]

The “hush-hush” attitude of professional services firms and their IT providers when they experience a cybersecurity breach is adding force to the tidal wave of cyber-attacks continuing to devastate New Zealand businesses.

Wellington-based IT firm Resolve managing director Simon Falconer said industry groups being hit with sophisticated cyber threats need to work together, alongside their IT providers or staff, to combat the growing problem targeting SMEs in specific industries.

“We’re seeing a substantial increase in targeted cyber attacks against our customers, and we’re finding that when a breach occurs it’s usually a malicious attack the industry has already seen and dealt with. The same mistakes keep happening because we aren’t talking to each other about it and what lessons should be learned,” he said.

Resolve is calling for more collaboration and information sharing on security threats and breaches between professional services firms via private forums, but recognises some may not be willing to participate for fear that their reputation is at risk.

“No one talks – because when a security breach occurs the relevant business or the IT provider is embarrassed to suggest their clients’ data was at risk, and their reputation could be on the line. But if we were having these discussions in a respected and confidential environment we might be able to start combating the problem and provide better outcomes to our customers,” said Simon.

The New Zealand Computer Emergency Response Team (CERT NZ) continues to work on improving cybersecurity coordination across New Zealand, with their regular forums allowing for collaboration on matters relating to the cyber security of critical infrastructure and businesses.

Simon said that while it’s important to have coordination at a government level, there is still a need for more ‘on the ground’ level action in specific industry sectors.

“We want to see industry bodies like the Law Society or Chartered Accountants Australia and New Zealand leading the way and providing forums where breaches can be openly discussed and strategies developed within their own industry. The attacks are increasingly industry-targeted, and groups like the Law Society already have established structures to facilitate and organise forums like this.”

“There’s also perhaps a role here for CERT NZ to work more closely with industry bodies either through training, or better information sharing, and that way we can bring coordination together and reach a wider audience,” said Simon.

Current statistics show that over 85% of email traffic continues to be recognised as malicious or unwanted and either discarded or held in quarantine. Simon said new variants of malware, ransomware, and social engineering attacks are emerging constantly.

“The arms race between threat actors and security software developers continues to escalate, with new and sophisticated attack methods making an appearance every day. AI-generated phishing emails and deepfake voice calls are making social engineering attacks more convincing than ever, and staying on top of it requires constant vigilance,” said Simon.

CERT NZ continues to see significant increases in cybersecurity incidents, with business email compromise (BEC), ransomware attacks, and AI-enhanced social engineering representing the majority of successful attacks against New Zealand businesses.

The majority of targeted business attacks now involve sophisticated social engineering, including BEC attacks where criminals send payment requests with attached invoices from compromised supplier accounts, or use AI-generated voices to impersonate executives requesting urgent fund transfers.

Our team at Resolve works closely with industry bodies and professional services firms to implement robust cybersecurity frameworks tailored to their specific regulatory and operational requirements. If your organisation would benefit from a cybersecurity review or wants to discuss industry-specific threat intelligence sharing, we’d be happy to help.

Simon Falconer
Director, Resolve Technology
When he’s not finding a reason to buy the latest gadget, Simon is probably setting it up, breaking it, and fixing it again — all before breakfast.