The New Zealand government has issued new guidelines for public service organisations and businesses to protect against ransomware cyber-attacks. This policy was taken in response to the recent rise of high-profile ransomware events in New Zealand and abroad.
Implementing layered defences to stop malicious activity at different points within networks, segmenting networks to limit access by attackers, and appropriately monitoring to enable prompt identification, investigation, and response to malicious activity is all part of the in-depth defence strategy that has been emphasised by the National Cyber Security Centre (NCSC).
“Preparation is the key to success, your organisation needs to practise defence in depth to protect your systems, and people from malicious cyber activity and to be prepared should an incident occur,” reads a statement on the NCSC website.
NCSC noted that attackers often exfiltrate important information before installing ransomware and encrypting data. Reviewing systems to discover where sensitive information is housed is recommended to help businesses reduce these risks. Personal information, passwords, and proprietary ideas are all examples of highly confidential data. Risks related to stolen data, such as the loss of commercially sensitive information, should then be evaluated. Layered defences are a recommended strategy for preventing attacks on a network at its perimeter and inside its various nodes.
Risks to customers’ and workers’ privacy and the security of information systems on your network and any businesses you deal with must be calculated. While it is possible to decrypt data while it is in transit, it is also possible to decrypt data while it is stored.
Organisations should also have tried and accurate incident management procedures and backup processes in place and re-emphasise security awareness training for employees. The NCSC advised that employees should be on the lookout for suspicious communications and be instructed to notify the organisation’s security personnel of any unusual network behaviour.
Checking for patches or upgrades to essential systems and conducting risk assessments to determine which risk mitigation tactics or security uplift initiatives should be prioritised during a ransomware event. Because new zero-day vulnerabilities are frequently identified, even if an organisation is up to date with patches and upgrades to critical systems, every business needs to be ready to handle an emergency because accidents happen.
The NCSC suggested organisations to examines incident management plan and offers guidance on addressing the issue internally. A solid, tried-and-true method is the backbone of efficient incident management. There should be clear lines of authority and accountability in your business so that everyone knows what to do in the event of an issue and when they should be informed.
It is also essential to review the company’s backup procedure. Having faith in the organisation’s ability to respond to and recover from a ransomware outbreak requires regular testing of backups. The organisation should understand and test the process of restoring backups to ensure it can be completed quickly.
Ransomware attacks are illegal and should be reported to the New Zealand Police by victims and their employers. The victim suggested asking for guidance and direction from CERT NZ when an attack occurs. Cyber security trends in New Zealand can be monitored with the help of incident reports sent to CERT NZ. If a Nationally Significant Organisation (NSO) or other government agency in New Zealand experiences ransomware, they should immediately contact the country’s National Cyber Security Centre and not pay the attackers’ demands.
Beforehand, NCSC issued guidelines for the use of personal social networking apps on work devices. The guidelines emphasise the dangers that social networking apps may present to government organisations. There are potential security flaws in both the social media profile and app, most notably concerning data kept on synced mobile devices.
When it comes to downloading and using social networking applications on official phones and other devices, New Zealand government agencies can obtain advice from the government’s cyber resilience advising service.
