Adams: Launch of National Cyber Security Awareness Week
28 May, 2013
Launch of National Cyber Security Awareness Week
Good afternoon. It’s a pleasure to welcome you all to the launch of the second national Cyber Security Awareness Week.
Firstly can I acknowledge Martin and all the team at Netsafe for the excellent work they do in continuing to ensure issues of Cyber security remain front and centre and for pulling together this week of awareness-raising.
Netsafe do great work. I’ve recently been following with interest on Twitter some of the findings of their census@school highlighting the incredible degree of cyber activity amongst NZ children. Judging by my own daughter it probably shouldn’t have been a surprise to me to learn that 38% of teenage girls have a twitter account, but it was.
I also enjoyed your Password Monday video today as part of your tight 5 set of initiatives and was so motivated I immediately rushed off and changed some embarrassingly old and weak passwords for much better ones that are now so complex I might eventually need hypnosis to remember them.
And that is what Cyber Security Awareness Week is all about - teaching people some basic steps they can take that will protect them and their families from what is a real and ever present threat.
As you all know, cyber technology has developed dramatically in the last 20 years.
The internet and other new communications technologies have had an impact on our lives that we could not have imagined even a few years ago.
New Zealanders of all ages are now online talking with their families and friends, communicating with the government, shopping and banking. This connectivity will only increase as we continue with the roll out of ultra-fast broadband and the rural broadband initiative.
In the past, New Zealand has been isolated from many cyber threats because of our geographical distance.
Only very large and well-resourced crime groups could operate across countries and continents and our small size meant we were not attractive to that many big criminals. But size and distance no longer matters.
The recent bank heists in 27 countries, where hackers got into third party companies that process debit card transactions, show just how far cybercrime can go and how fast it can hit.
In that case groups used the data to make coordinated withdrawals worth tens of millions of dollars on one day in December and another day in February. That crime would not have been possible without a high level of global connectivity.
Cyber intrusions are becoming more advanced, more sophisticated, and more pervasive. And those behind the intrusions are coordinated, well-funded, and investing heavily in exploiting the digital environment.
Many businesses and providers are dependent on digital systems and do much of their work in the cyber environment.
Anyone who uses the internet can be vulnerable and bad computer hygiene makes it easier for cyber criminals to access computers and systems. But the message of this week is that taking a few simple steps can make all the difference.
The scale of the problem is difficult to measure because victims are often reluctant to come forward.
The Norton Cybercrime Report for 2012 estimated that every second, 18 adults become a victim of cybercrime, resulting in more than one-and-a-half million cybercrime victims each day on a global level – with losses totalling an average of US $197 per victim across the world in direct financial costs.
In the past twelve months, an estimated 556 million adults across the world have experienced cybercrime. This figure represents 46 per cent of online adults – although the figure in New Zealand is lower, estimated to be 39 per cent.
In 2012 New Zealand’s National Cyber Security Centre incident summary reported an increase of about 50 per cent in serious cyber intrusions when compared to 2011.
By serious, we mean incidents that met a threshold of putting New Zealand government information or critical national infrastructure at risk. There were 134 of these incidents in 2012 and we think this number is likely to be the tip of the iceberg. This year already we have had 149, showing the trend of rapid acceleration continuing.
But it is not just cyber intrusions that are increasing, consumer fraud is also on the rise.
New Zealanders are estimated to lose hundreds of millions of dollars a year to consumer fraud. Ministry for Consumer Affairs statistics show that one in ten people approached by a scammer will hand over money.
These victims will lose an average of almost $5000; some victims are losing tens and even hundreds of thousands of dollars.
The 2012 Household Use of Information and Communication Technology report, released last month by Statistics New Zealand, also has some interesting facts.
Four out of five New Zealand homes have access to the internet, with a particular increase across rural areas. However, cyber security awareness is lower amongst rural groups.
This shows we need to be increasing our awareness message so that rural New Zealanders are not left vulnerable.
The survey also shows that half of all New Zealanders had shopped online in the year before the survey.
What we are buying is changing. We now buy as many electronic items – such as music or e-books – as we do actual, tangible goods.
And we’re spending a lot of money online – 44,000 people had spent more than $2000 online in the month period before the survey.
Increasingly, too, we are using mobile devices to access the internet, meaning we can be connected wherever we are. While mobile connectivity is rapidly becoming a staple part of our lives, it means we need to think carefully about not just protection of our PCs but also of our mobile devices.
The 2012 Norton Cybercrime Report told us that 16 per cent of social network users in New Zealand have been victims of social cybercrime, specifically:
• 13 per
cent of New Zealand social network users reported someone
had hacked into their profile and pretended to be
• 1 in 10 New Zealand social network users said they had fallen victim to a scam or fake link on social network platforms
• 1 in 5 of New Zealand mobile users received a text message from someone they did not know requesting that they click on an embedded link or dial an unknown number to retrieve a voicemail
So what can we do about this?
Cyber security is a shared responsibility for all of us. It is the responsibility, both of individuals and businesses, to inform themselves about online risks and to ensure that they put the appropriate protections in place.
That is why I am pleased that private industry and government agencies have worked together getting behind Cyber Security Awareness Week. This type of partnership approach is a model for how cyber security initiatives can be successfully delivered.
Government, for its part, is increasing its investment in cyber security through initiatives in the Cyber Security Strategy and by making security a core component of our Government ICT strategy.
The priorities under those strategies are to increase awareness and online security, protect government systems and information, and strengthen incident response and planning.
Work is also taking place across multiple government agencies to tackle issues such as scams, spam, and identity theft and electronic crime.
The Government is also actively working with international partners on cyber security issues – a growing part of the cyber security agenda.
It is critically important for our international reputation that we constructively engage in the emerging discussion on cyber security. It is important also because international discussion will influence and shape responses to cyber security challenges, which are by their very nature, often trans-national
More recently, last year the National Cyber Policy Office was established in the Department of Prime Minister and Cabinet, to lead and coordinate cyber security policy on a whole of government basis.
There is also a big role for those outside government – and we are seeing cyber security effort in a range of sectors, including universities and research institutions.
While the Government has a responsibility to protect its own systems and to assist critical national infrastructure providers, ultimately, it is individuals who must take responsibility for their own safety and security online.
One weak computer can infect others, creating a domino effect.
It is vital that we all recognise the role we have to play as individuals in cyber awareness and do our part to make the whole New Zealand cyber system safer.
Cyber security awareness in New Zealand is still too low with few people knowing about the scale of the problem or the remedies to take.
It can be challenging for people and businesses to identify which aspects of information security are relevant to their projects and businesses. And, once identified, it is hard to find objective, trustworthy sources of advice and information.
That is one place where Netsafe plays an important role, providing excellent cyber security awareness and reporting tools for people and businesses and I certainly commend their “tight 5” set of initiatives to all as an easy way to understand and adopt core cyber protections.
The Government is also looking at how it could increase its role in highlighting cyber security. One option we are currently considering, is the establishment of a Cyber Security Awareness Advisory Group to continue to help raise awareness nationally of the importance of cyber security.
By raising cyber awareness, New Zealanders will have the confidence and skills they need to keep themselves, their families and their businesses safe online. And, when we’re protecting ourselves, we make the New Zealand cyber landscape just that much stronger.
The cyber world moves quickly and it will take all of us, working together, to respond just as quickly.
It now gives me great pleasure to officially launch the start of the 2nd annual New Zealand Cyber Security Awareness Week.