The Kingdom of Tonga’s National Computer Emergency Response Team (CERT Tonga) has co-led publication of a joint advisory with the New Zealand National Cyber Security Centre (NCSC) and the Australian Cyber Security Centre (ACSC).
This is the first time a Pacific nation has co-lead a joint advisory, and demonstrates the spirit of working together to achieve an improved cyber security environment for the Pacific region – the same spirit that underpins the PaCSON Vision. The advisory reveals the threat posed by ransomware group INC Ransom and their affiliate network, to networks hosted across the Pacific.
INC Ransom is a financially motivated cybercriminal group, with members targeting organisations through spear-phishing campaigns, as well as exploiting unpatched internet-facing devices or using purchased valid account credentials from initial access brokers.
INC Ransom and their affiliate network previously targeted the United States and United Kingdom, but since early 2025 has increasingly targeted Pacific island states, Australia and New Zealand.
To all users and security experts across the Pacific, PaCSON strongly recommends that organisations and government ministries implement the mitigations outlined in this advisory to reduce the risk of compromise by INC Ransom and to enhance detection of this threat.
Read the full advisory:
ACSC link
CERT Tonga link
NCSC link
https://www.ncsc.govt.nz/alerts/inc-ransom-affiliate-model-enabling-targeting-of-critical-networks/