Otago has lost at least $230,000 in cyberattacks in 18 months, in what the Chamber of Commerce calls the "single biggest risk" to small businesses in the region.
The chamber yesterday hosted New Zealand’s cybersecurity agency CERT NZ as part of Cyber Smart week.
CERT NZ director Rob Pope said from self-reported figures Otago had lost $230,000 in the past 18 months from such attacks. The region had 54 attacks reported in this time.
Fifteen of these attacks were by "phishing and credential harvesting", which involves fraudulently obtaining information such as people’s personal user names, their passwords and victims’ credit card details.
The next most common type of attack was scams and fraud, of which there were 12 in the region.
However, these were probably just the "tip of the iceberg", and Mr Pope expected many attacks went unreported.
There was a lack of understanding of the impact of cyber issues until people were hit by attacks, he said.
Boards were starting to have more concern about the issue, which was "encouraging".
"But we’ve got a long way to go."
Small businesses were most at risk because they would be less likely to divert funds to investing in infrastructure such as updating old systems.
The trends in Otago mirrored that of the country, which lost $10 million in the past 18 months through more than 3000 cyberattacks.
"I can’t say with any sense of conviction that it’s the full picture, as it’s self-reported."
The information it obtained showed New Zealand’s situation followed international trends.
Cyberattacks were increasing in frequency, he said.
"We’re working on prevention-type messages, which means less spent on response."
The agency recommended "simple" prevention methods including using unique passwords, turning on "two-factor authentication" to create more steps to entering devices, updating apps and checking privacy settings.
Otago Chamber of Commerce chief executive Dougal McGowan said he believed cyberattacks were the "single biggest risk" to small and medium-sized businesses.
He encouraged business leaders listening to spread the news, as many more were likely affected.
Cyber attacks
Reported in Otago since April 2017:
Phishing and credential harvesting: 15
Scams and Fraud: 12
Unauthorised access: 8
Malware: 6
Ransomware: 4
Reported vulnerabilities: 4
Other: 5
Total: 54
