Hackers steal business assets but Government cyber safety scheme offers little help
A spate of ransom computer hacks has hit New Zealand businesses, but hackers could be doing worse damage behind the scenes.
Deloitte partner Anu Nayar said hackers could secretly compromise a computer to steal confidential information and manipulate systems for as long as they liked without being noticed.
Ransomware was typically a hacker's last move when it had made the most of a business's assets, he said.
Nayar said such a hack could cause any company to go under by destroying its reputation, and the Government needed to make more small businesses aware of it.
* Cyber-security agency CERT NZ promises it will make a 'big difference'
* Emergency cyber security unit to handle all reports of cyber threats in New Zealand
* New Zealand upping digital security after 'massive' worldwide cyberattack
* New measures to combat cybercrime outlined by Government
Communications Minister Simon Bridges, who led the Government's 2016 Cyber Security Strategy, said he recognised that most small businesses did not have the resources or skills to deal with cyber security.
Bridges said the Government was in the process of developing a Cyber Credentials scheme to help small businesses.
The Government's 2016 Cyber Security Strategy formed the Computer Emergency Response Team (Cert NZ) and planned to encourage businesses to take precautionary cyber safety measures.
The action plan has been tested by two major global cyber attacks in the past month, WannaCry ransomware and NotPetya malware.
No computers in New Zealand appear to have fallen victim to either virus, but if they did, Cert NZ could not offer much help as its function is only to receive reports and offer advice.
Some Port of Auckland operations were slowed down when global shipping company Maersk was hacked by the NotPetya virus this month.
But port spokesman Matt Ball said there was nothing the Government could have done to prevent the flow on effect of the virus or support the port's recovery.
Ball said the port and freight industry handled the situation better on their own.
While increasing cyber attacks overseas raised the alarm for businesses here, Nayar said he wanted the Government to start promoting cyber security as a means to grow a business.
More business incubators for technology entrepreneurs creating cyber security products would reap economic benefits, he said. It had proved successful in Ireland, Israel and Singapore.
He called for more support of cyber education, the development of new learning programmes and encouragement to follow a career in the cyber security industry.
Nayar said the Government's lack of support for cyber safety was not due to a lack of effort, it just needed to do more of what it had planned.
"It is not the lack of doing, as with anything we have to continue to evolve our thinking."
Bridges said the Government's cyber safety action plan was constantly reviewed and he was open to new initiatives as the risk of cyber attacks intensifies.
Is your business growth on speed dial, despite all the missions you've faced so far? Entries for this year's Deloitte Fast 50 index are open now until July 28. Visit Deloitte Fast 50 for more information.