
Why Multi-Factor Authentication is Not Enough
Knowing is half the battle, and the use and abuse of common frameworks shed insight into what defenders need to do to build defense in depth.
September 13, 2024 - Blog

What are New Zealand's leading cybersecurity statistics?
According to recent studies, ransomware has become the most dangerous cybersecurity threat facing New Zealand businesses today. CERT NZ's latest Q1 2025 report shows New Zealanders lost $7.8 million to cybercrime, which is a 14.7% increase from Q4 2024's $6.8 million.
For small and medium enterprises (SMEs) across New Zealand, understanding and preparing for this cybersecurity threat isn't just optional; it's essential for business survival.
Modern threat groups operate as organised crime businesses. Like legitimate businesses, they come complete with customer service, payment processing, and franchise models.
The biggest game-changer has been "Ransomware-as-a-Service" (RaaS). Skilled developers create ransomware tools and rent them to less technical criminals called "affiliates." The affiliates run the attacks and split profits with the developers, typically 60-40.
This franchise model has dramatically increased attacks on small and medium businesses. Previously, cybercriminals focused on large corporations because mounting an attack required significant technical skill and resources. Now, anyone can purchase a ransomware kit and target smaller, easier victims.
Modern attackers do not just encrypt your data; they steal it first. This means that even if you have perfect backups, they can still threaten to leak your customer information, financial records, or business secrets unless you pay. This "double extortion" tactic has made ransomware far more devastating than traditional data loss.
Thought double extortion was bad enough? Triple extortion is where cybercriminals go one step further. After first demanding payment to decrypt your files, then threatening to leak your stolen data, the criminal groups directly target the people whose information was stolen. They contact your clients, customers, or patients individually and threaten to release their sensitive personal data unless a ransom is paid.
This data could be medical records, financial information, personal images, videos, or other private details. This tactic puts enormous pressure on businesses because it directly harms the people they serve, often forcing companies to pay even when they have good backups and security measures in place.
Ransomware can destroy a small business in ways that go far beyond the initial ransom demand. New Zealand has seen several high-profile attacks that demonstrate this reality. The 2021 Waikato DHB ransomware attack paralyzed hospital systems for weeks, affecting patient care across the region. Internationally, we have seen companies like UK freight firm KNP pay their ransom but still collapse, and Travelex pay US$2.3M yet still go out of business months later.
The National Cyber Security Centre's (NCSC) latest Q1 2025 report shows cybercrime continues to escalate, with $7.8 million in direct financial losses reported, up 14.7% from the previous quarter. This represents the second-highest financial loss in a quarter ever recorded by the NCSC. The report shows that 28% of cybersecurity incidents resulted in financial losses, demonstrating how costly these attacks have become.
For SMEs conducting business in New Zealand, the impact includes immediate costs from system downtime, lost sales, emergency IT support, and potential ransom payments, plus long-term damage from customer loss, reputation harm, and regulatory fines if customer data is exposed under the Privacy Act 2020.
Protecting against ransomware doesn't require enterprise-level budgets, but it does require the right approach.
Based on guidance from CERT NZ and the NCSC, here are the critical defenses every small business in New Zealand needs:
Your most important defence is backups that criminals cannot reach or destroy. Follow the 3-2-1 rule: keep three copies of important data, store them on two different types of media, and keep one copy completely offline or offsite.
Test your backups regularly, because discovering they do not work during an attack is too late.
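The following checker, added here as an illustration and not taken from the original post or from CERT NZ/NCSC guidance, evaluates a backup inventory against the 3-2-1 rule above and treats a copy as counting only if its contents still verify against the source. The inventory format, field names and sample data are constructed assumptions.

```python
"""3-2-1 backup check with integrity verification (added example, constructed data)."""
import hashlib
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class BackupCopy:
    name: str      # label for the copy (assumed, e.g. "nas")
    media: str     # media type, e.g. "disk", "tape", "cloud"
    offline: bool  # True if air-gapped, immutable or otherwise offline/offsite
    data: bytes    # contents of the copy (constructed; a real check would read the copy)


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_321(source: bytes, copies: List[BackupCopy]) -> Dict[str, object]:
    """Report which parts of the 3-2-1 rule hold, counting only copies that verify."""
    source_hash = sha256(source)
    intact = [c for c in copies if sha256(c.data) == source_hash]
    corrupt = [c.name for c in copies if sha256(c.data) != source_hash]
    total_copies = 1 + len(intact)               # the live data plus verified backups
    media_types = {c.media for c in intact}      # distinct media among verified copies
    offline_copies = [c.name for c in intact if c.offline]
    three = total_copies >= 3
    two = len(media_types) >= 2
    one = len(offline_copies) >= 1
    return {
        "three_copies": three,
        "two_media": two,
        "one_offline": one,
        "corrupt": corrupt,               # copies that would fail a restore test
        "compliant": three and two and one,
    }


# Constructed sample: live data plus three backups, one of which is silently damaged.
SOURCE = b"customer-ledger-2025\n"
SAMPLE_COPIES = [
    BackupCopy("nas", "disk", False, SOURCE),
    BackupCopy("tape", "tape", True, SOURCE),
    BackupCopy("cloud", "cloud", False, SOURCE + b"\x00"),  # truncated/partial write
]

if __name__ == "__main__":
    print(check_321(SOURCE, SAMPLE_COPIES))
```

Running the sample shows the damaged cloud copy being excluded while the rule still holds thanks to the intact tape copy; drop the tape copy and the inventory is no longer compliant.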
Implement multi-factor authentication (MFA) on all business accounts, especially email and cloud services.
Use strong, unique passwords with a password manager. Most ransomware attacks succeed because of weak or stolen passwords.
Install security updates promptly on all computers, servers, and software.
Criminals constantly scan for unpatched vulnerabilities they can exploit. Enable automatic updates where possible, and set up a routine for checking critical systems weekly.
Since most attacks begin with phishing emails, invest in advanced email filtering that blocks malicious attachments and links before they reach your staff.
Train employees to recognize suspicious emails and establish clear procedures for reporting them.
Segment your network so attackers cannot easily spread from one computer to all your systems. Install endpoint detection software that can identify and stop ransomware behaviour.
Consider managed security services if you do not have internal IT expertise.
Your employees are both your weakest link and strongest defense.
Conduct regular training on recognizing phishing emails, using strong passwords, and reporting suspicious activity. Run simulated phishing tests to identify who needs additional training.
Develop a clear plan for what to do if you are attacked. Know whom to call: CERT NZ, your IT provider, and your cyber insurance company, if you have one.
Know how to isolate infected systems, and how to communicate with customers. Practice this plan with your team before you need it.
Many small businesses try to handle cybersecurity entirely in-house.
Consider working with cybersecurity experts who understand New Zealand's regulatory environment. They can provide professional penetration testing to find vulnerabilities before criminals do, security assessments tailored to your industry and size, incident response support when attacks occur, and ongoing monitoring and threat intelligence.