Nearly a third of all "serious" cyber-attacks in the last year targeted public sector organisations.
That’s one of the findings from the latest cyber threat report released by the Government Communications Security Bureau.
The agency’s National Cyber Security Centre looks after organisations of national significance, including government departments.
Figures given exclusively to 1 NEWS reveal that of the 339 incidents reported in the 2019-2020 year, 113 of them related to public sector organisations.
That number has decreased slightly from the previous year.
While the NCSC only focuses on nationally significant organisations, these incidents likely only reflect a small fraction of attacks on New Zealanders.
The report also reveals that 30 per cent of incidents coming through the National Cyber Security Centre had links to “state-sponsored actors”.
The 25-page document notes, “this type of activity poses a more serious national security threat, as it’s typically conducted for geopolitical or economic purposes”.
In a statement, the Centre’s director, Hamish Beaton, said state-sponsored and non-state actors have shown their willingness to widely target New Zealand organisations using a range of techniques.
“A common theme this year, which emerged prior to the Covid-19 pandemic, was the exploitation of known vulnerabilities in internet-facing applications, remote desktop services and virtual private network applications.”
“This means organisations with poor security posture are more likely to become a victim of malicious cyber activity, and are much less likely to detect such activity before harm is caused,” Mr Beaton says.