Local Threat Report Vikram Kumar – Chief Executive, InternetNZ 22/08/2012

© 2009 IBM Corporation Building a smarter planet About InternetNZ  Not for profit, open membership body  Our goal is to protect and promote the Internet for New Zealand  Combination of policy, advocacy with support for community groups  Recognised delegated manager for.nz domain name space .nz is run by 2 subsidiaries. Gives us income independent of government and commercial interests  Result: independent organisation with a drive to benefit the wider community 2

© 2009 IBM Corporation Building a smarter planet A Personal Story  Advanced Persistent Threats  No one is too small or unimportant  New Zealand’s geographic isolation and low level of physical threats tends to be reflected in our relaxed thinking about Internet threats 3

© 2009 IBM Corporation Building a smarter planet Do You Have Special Risks?  Identify any special threats. In that case, conventional “signature-based” anti- virus approach is no longer sufficient.  Run critical national infrastructure? –Family of malware (Stuxnet and Flame), likely State-sponsored, sophisticated, made by strong teams –Now expanded to commercial targets: Gauss, from the same family, targets commercial banking –Not known to target NZ specifically but could be collateral damage –Work closely with government (National Cyber Security Centre) 4

© 2009 IBM Corporation Building a smarter planet Special Risks continued  Trade, or plan to do so, with certain countries? –Some countries and businesses routinely use malware for stealing business secrets –Could be your supplier, lawyer or key staff  Commercially significant online operations? –Denial of Service attacks is a real threat 5

© 2009 IBM Corporation Building a smarter planet “Consumer” threats  Computer viruses and malware  Credit card fraud  Online scams  Phishing  Identity theft securitycentral.org.nz “In the last couple of years, more than 70% of New Zealanders have been the victims of some form of cyber crime” NetSafe 6

© 2009 IBM Corporation Building a smarter planet Attack Kits Are Changing the Economics  “Commoditisation” of Internet-based attacks  One estimate is that 2/3 rd of all online attacks can be traced to botnets and tool kits  Most popular: MPack, NeoSploit, and ZeuS  Typically priced from $40 to $8,000, depending on competition  For example, basic ZeuS tool kit costs $2,000 in a range of colours and optional modules (e.g. $2,000 more to hack Windows 7 computers; $2,000 for a Firefox form grabber; $1,000 for after-sales support; subscription to updates; etc.)  Used to steal financial and social networks credentials. A $4,000 investment in the ZeuS tool kit can easily return $50,000 to $100,000 with very little risk 7

© 2009 IBM Corporation Building a smarter planet How Big is the Problem?  Lack of neutral, credible statistics  A security vendor’s 2011 report put cost to New Zealand from cyber crime at $625 million/year; more than 2,000 Kiwis affected every day.  Another security vendor says cyber crime could cost NZ $4.7 billion every year  Unbelievable numbers undermines seriousness of the issue  Undermines ability to do a ‘cost/benefit analysis’ which should be at the heart of your risk management and security strategy “There has been no breach, that we are aware of, of New Zealand's banking system” TSB Bank 8

© 2009 IBM Corporation Building a smarter planet 2 Local Initiatives Backed by Credible Numbers  New Zealand Internet Task Force (NZITF) is a group of cybersecurity professionals across government, industry, vendors, researchers, etc.  A number of working groups across certification, exercising, surveys, etc.  I chair the Botnet Working Group  Initiative 1: Removal of drive-by malware –Drive-by malware infects users who simply visit an infected web page –Website owner mostly unaware as source of malware is 3 rd party advertising –Honeypot project carried out by the Victoria University of Wellington with funding from InternetNZ –Identified 241 malicious URLs in.nz domain over a 12 month period –Pilot will work with NZ Police to send notices to website owners 9

© 2009 IBM Corporation Building a smarter planet 2 Local Initiatives continued  Initiative 2: Infected customers’ devices –Statistics NZ survey indicates about 50,000 customer devices infected (zombies) –ISPs take a variety of steps when notified or detect an infected customer –May become a bigger problem once fibre brings ultra-fast broadband and bigger monthly data caps –Initiative is to share best practices; improved information about infections; and consistent approach by participating ISPs 10

© 2009 IBM Corporation Building a smarter planet Summary  Overall, New Zealand cybersecurity threats are in line with international trends  New Zealand’s geographic isolation and low level of physical threats tends to be reflected in our relaxed thinking about Internet threats  No one is too small or unimportant  Identify any special threats. In that case, conventional “signature-based” anti-virus approach is no longer sufficient.  Off-the-shelf attack kits are commoditising cyber attacks  Lack of neutral, credible statistics makes cost/benefit analysis difficult  Several initiatives under way from a number of organisations, including InternetNZ, under the umbrella of NZ Internet Task Force 11

© 2009 IBM Corporation Building a smarter planet Questions? © Internet New Zealand Inc Vikram Kumar Chief Executive, InternetNZ 12