New Zealand Records 1,315 Cyber Security Incidents with 27% Drop in Financial Losses

The National Cyber Security Centre (NCSC) of New Zealand has documented a significant volume of cyber security incidents in its latest quarterly assessment, with social engineering attacks emerging as a prominent threat vector targeting organizations across the country.

Quarter Two Statistics Reveal Persistent Threat Landscape

Between April 1 and June 30, 2025, the NCSC processed 1,315 cyber security incidents, representing a 3% decline from the previous quarter. Despite the marginal decrease in reported cases, the data underscores the persistent nature of cyber threats facing New Zealand’s digital infrastructure.

Financial impact showed a notable reduction, with direct losses totaling NZ$5.7 million compared to $7.8 million in Q1 2025—a 27% decrease that suggests improved defensive measures or reduced attack success rates.

Social Engineering Tactics Target Organizational Helpdesks

NCSC Director Mission Enablement Mike Jagusch highlighted a concerning trend in attack methodologies. Cybercriminals are increasingly exploiting human vulnerabilities through sophisticated social engineering campaigns targeting organizational support systems.

“We are seeing a type of attack where a cyber criminal calls up an organisation’s helpdesk and pretends to be a staff member who needs help getting access to their account,” Jagusch explained. These attackers leverage psychological manipulation techniques, including urgency tactics, authority appeals, and sympathy exploitation to bypass security protocols.

Once access is obtained, threat actors proceed with malicious activities including sensitive data exfiltration and ransomware deployment, potentially causing substantial operational and financial damage.

Incident Categories and Response Protocols

Of the total reported cyber security incidents, 56 cases required specialist technical intervention due to their potential national significance. The remaining 1,259 incidents were processed through standard triage procedures, primarily reported by individuals and business entities.

Scams and fraud maintained their position as the dominant incident category, accounting for 514 reports. Phishing and credential harvesting ranked second with 374 documented cases, highlighting the continued effectiveness of these attack vectors.

The financial loss distribution revealed a concerning pattern: while most incidents involved losses under $500, approximately 50 high-value incidents worth $10,000 or more constituted $5.3 million—representing 94% of total reported losses.

Defensive Success Stories Demonstrate Cybersecurity Best Practices

The quarterly report included a case study showcasing successful defensive measures against sophisticated threat actors attempting to infiltrate a New Zealand organization. The incident demonstrated the effectiveness of fundamental cyber security practices in preventing data breaches.

“This case study highlights the effectiveness of good cyber hygiene. Due to the organisation successfully implementing strong passwords, multi-factor authentication and network segmentation, the NCSC could verify that no data had been stolen,” Jagusch noted.

Strategic Implications for Organizational Security

The NCSC’s findings emphasize the critical importance of comprehensive cyber security preparedness in an increasingly hostile digital environment. Organizations must prioritize both technical controls and human-centered security awareness to address the evolving threat landscape.

“There are valuable lessons to be learned from every incident we’re involved with. We hope organisations find our insights useful in bolstering their defences. In today’s challenging cyber environment, being well-prepared for an incident is more important than ever,” Jagusch concluded.

The quarterly data reinforces the necessity for continuous vigilance and adaptive security strategies as cybercriminals refine their methodologies to exploit both technological vulnerabilities and human factors in organizational security frameworks.

Read the Quarter Two Cyber Security Insights Report