Back

New Zealand's Critical Infrastructure Faces Rising Cyber Threats

Severity: High (Score: 68.0)

Sources: www.techtarget.com, Buddlefindlay

Published: 2026-05-28 · Updated: 2026-05-28

Keywords: infrastructure, critical, cyber, security, zealand, strategy, contracts

Severity indicators: critical, critical infrastructure, rat

Summary

New Zealand's Cyber Security Strategy 2026-2030 highlights increasing cyber-attacks on critical infrastructure, with 80% of organizations lacking basic cyber hygiene. The National Cyber Security Centre reported a surge in malicious cyber events, disrupting over 473 million incidents in 2024/25. A modeled attack on Auckland's electricity system could cost over $1.6 billion, posing risks to public health and essential services. Historical incidents include the 2021 Waikato District Health Board ransomware attack affecting 400,000 people. The Strategy emphasizes the need for improved contracting practices to address cyber risks in infrastructure projects, as many systems are nearing end of life and vulnerable to exploitation. Key Points: • 80% of organizations lack basic cyber hygiene for operational technology. • Over 473 million malicious cyber events were disrupted in 2024/25. • A modeled attack on Auckland's electricity could cost over $1.6 billion.

Detailed Analysis

**Impact** New Zealand’s critical infrastructure sectors, including electricity, telecommunications, and healthcare, face increasing cyber threats with potential impacts exceeding NZD 1.6 billion in the event of a major attack on the Auckland electricity system. Approximately 80% of organisations lack basic cyber hygiene for operational technology, exposing core IT networks to exploitation. Past incidents include the 2021 Waikato District Health Board ransomware attack affecting 400,000 people and the Manage My Health breach compromising data of 100,000 patients. The threat landscape includes state-affiliated actors targeting telecommunications and other sectors. **Technical Details** Attack vectors involve exploitation of vulnerabilities in aging operational technology and the convergence of OT and IT systems, enabling remote cyber-attacks without physical presence. The NCSC reported disruption of over 473 million malicious cyber events in 2024/25, a significant increase from the previous year. State-linked campaigns such as Salt Typhoon have targeted telecommunications infrastructure. Recent AI advancements have autonomously identified thousands of high-severity vulnerabilities in major operating systems and web browsers, though specific CVEs or malware names were not disclosed. **Recommended Response** Infrastructure owners should urgently update contracting practices to include comprehensive cyber security requirements and prioritize patching of identified vulnerabilities in OT and IT systems. Deploy detection capabilities focused on anomalous network activity between OT and IT environments and increase investment in cyber hygiene training. Monitor for indicators of compromise related to known state-affiliated campaigns and leverage services like the NCSC Malware Free Networks. No specific CVEs or IOCs were provided for direct blocking.

Source articles (2)

  • Infrastructure contracts and cyber security: the gap — Buddlefindlay · 2026-05-26
    New Zealand's Cyber Security Strategy 2026-2030, released in February 2026, sets as a key priority of strengthening the cyber security of New Zealand’s critical infrastructure. The Strategy identifies…
  • Critical Infrastructure — www.techtarget.com · 2026-05-28
    Critical infrastructure is the collection of systems, networks and public works that a government considers essential to its functioning and safety of its citizens. The specific infrastructure that ea…

Timeline

  • 2021-05-01 — Waikato District Health Board ransomware attack: A ransomware attack disrupted health services for approximately 400,000 people, highlighting vulnerabilities in critical infrastructure.
  • 2024-01-01 — Cyber Security Strategy 2026-2030 released: New Zealand's strategy prioritizes strengthening cyber security for critical infrastructure amid rising threats.
  • 2024-01-01 — Malware Free Networks service disruption reported: The National Cyber Security Centre disrupted over 473 million malicious cyber events in 2024/25, a significant increase from previous years.

Related entities

  • Data Breach (Attack Type)
  • Ransomware (Attack Type)
  • Salt Typhoon Campaign (Campaign)
  • Manage My Health (Company)
  • Waikato District Health Board (Company)
  • New Zealand (Country)
  • People's Republic of China (Country)
  • United States (Country)
  • Energy (Industry)
  • Entertainment (Industry)
  • Financial (Industry)
  • Government (Industry)
  • Manufacturing (Industry)
  • Retail (Industry)
  • Telecommunications (Industry)
  • Transportation (Industry)
  • T1486 - Data Encrypted for Impact (Mitre Attack)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed