Recommended NZ | Guide to Money | Gimme: Competitions - Giveaways

Cyber attacks increase in NZ, businesses underprepared

Fuseworks Media
Fuseworks Media

With the number of recorded cyber security attacks and incidents across the country climbing 15 per cent over the last year, a leading global cyber security commentator is urging Kiwi businesses and organisations to better understand their cyber security risks, many of which need urgent review due to significant changes in the threat landscape.

Adam Boileau, executive director of Security Testing and Assurance at CyberCX, believes organisations are assessing their cyber security risk based on outdated information rather than keeping pace with the fast-changing world of the cyber threat landscape, which is currently made up of private and state-sponsored professional hackers.

The National Cyber Security Centre (NCSC) has released data showing NZ recorded 404 cyber incidents over the last year affecting ‘nationally significant organisations’. The incidents included ransomware, denial of service attempts and attacks on infrastructure. One of the most high-profile attacks was a breach of the Waikato District Health Board in May, which crippled the region’s health service at a time of extreme vulnerability, and exposed confidential patient data.

Adam says as attackers operate in an increasingly commercialised and commoditised way, the chance of cyber attacks is far higher.

"The motivation, resourcing, and ways in which attackers work have changed. There are multiple marketplaces for compromises, data and access. Along with changes in the geopolitical landscape, the ability for cyber attackers to make a profitable business of global, digital crime means organisations are more at risk than ever," Adam says.

"When it comes to minimising risk, business leaders need to be allocating at least the same amount of time and resources to protection from cyber threats as they do for maintaining other key parts of their business. Looking after people’s data and personal information, protecting a business’s intellectual property and ensuring the availability of service has never been so important".

The NCSC estimates their intervention prevented approximately $119 million worth of harm to nationally significant organisations in the year ending July 2021, however, businesses across New Zealand remain exposed to the risk posed by hackers sheltering out of reach of Western law enforcement, including in Russia, China, North Korea and Eastern Europe.

Adam says New Zealand is definitely on the radar of cyber attackers, and shouldn’t be fooled into thinking it is protected due to geographical isolation.

The NCSC’s report says people behind ransomware threats continue to adapt how they work and the tactics they deploy to maximise their profits. Adam Boileau says investing in cyber infrastructure needs to be constant, particularly as we work remotely and online in the pandemic.

"Now more than ever we’re relying on technology to run our businesses and our lives. Gone are the days where everything was on paper and filed away. Imagine waking up and losing access to everything - your bank accounts, data, customer/patient data, your entire operation. This is not a distant threat, it’s a real-life situation that businesses need to be constantly considering".

He says that at the beginning of 2020, most businesses wouldn't have had a pandemic response plan. Most had to scramble and some fell at this hurdle. When it comes to cyber security, instead of waiting for an incident to affect them, businesses need to learn from experience and begin planning their response today, as well as assessing the true risk and cost to their operation if they were to be hacked.

All articles and comments on have been submitted by our community of users. Please notify us if you believe an item on this site breaches our community guidelines.