CERT NZ Statement about WHOIS and GDPR

By Erica Anderson, Incident Manager, CERT NZ

Tuesday, April 10th, 2018

CERT NZ was established in April 2017. They work to support businesses, organisations, and individuals who are affected (or may be affected) by cyber security incidents. CERT NZ has released its final incident figures for 2017, showing that New Zealanders reported over 1100 incidents to CERT NZ, and lost more than $5.3 million lost to cyber security issues between April and December 2017.

"The small business community are often targeted by cyber criminals through the use of invoice scams and phishing campaigns. This year we heard all too often that business owners thought they were too small to be a target and didn’t need to worry about cyber security issues. However, cyber criminals are indiscriminate in their targeting and anyone online can be affected", says Rob Pope, Director, CERT NZ.

Of the 377 incident reports CERT NZ received between October and December 2017, 126 were reported phishing attempts. The domains used in these phishing campaigns are not triaged by CERT NZ alone. Often third parties will request a takedown of a phishing campaign that is targeting their brands and they will include CERT NZ on the request. This allows CERT NZ to collect data about the incidents that are occurring in the country while reducing the amount of time spent by CERT NZ on takedown requests. By doing this, CERT NZ can focus on higher impact projects that will prevent these incidents from being such a large issue for New Zealanders.

"Third parties rely on public WHOIS data to issue these takedown requests. Without access to this data, third parties would require CERT NZ to lead the triage on these incidents. This extra effort would take time away from focusing on preventing incidents and would instead be spent on cleaning them up", says Mr Pope.

Read CERT NZ's quarterly reporting