MinterEllisonRuddWatts has shared guidance for New Zealand businesses on managing ransomware attacks, addressing the rising threat and its complex implications.
Richard Wells, a partner, and Suzy McMillan, a senior associate from the firm’s corporate and commercial team, outlined critical steps and considerations for responding to these incidents.
Ransomware attacks, which involve hackers encrypting an organisation’s data and demanding payment for its release, have emerged as a significant concern.
McMillan explained that some attackers now use tactics such as threatening to publish sensitive data to exert additional pressure.
The firm emphasised the importance of preparation and quick response. Businesses should activate incident response plans, assemble crisis management teams, and consult professionals, including cybersecurity experts and negotiators.
Wells underscored the necessity of coordinating with cyber insurers and alerting authorities like the police before making critical decisions.
They also discussed the implications of paying ransoms. Wells noted that payment may not always result in data recovery and can create reputational and ethical dilemmas, particularly as it could fund further criminal activities. He added that the New Zealand government’s stance on ransom payments differs from approaches in other jurisdictions.
McMillan compared New Zealand’s approach to Australia’s, where mandatory reporting of ransomware payments and a Cyber Incident Review Board have been established to bolster collective resilience.
Meanwhile, other experts are urging New Zealand organisations to adapt to a rapidly changing threat environment as artificial intelligence (AI) and new technologies transform how cyberattacks are executed.
Evolving risks, such as AI-enhanced phishing campaigns and innovative authentication methods, are prompting businesses to reassess their defences and align with updated regulatory expectations.
Industry experts have identified three critical focus areas for the coming years:
AI technology is enabling attackers to enhance the sophistication of phishing campaigns.
Chad Thunberg, chief information security officer at Yubico, noted that AI tools can create realistic fake emails, voices, or other content, making attacks harder to detect.
He recommended organisations validate unusual requests using independent communication channels to reduce the risk of falling victim.
Mark Baker, New Zealand country manager at Check Point Software Technologies, stressed the importance of active board engagement in cybersecurity strategy.
He argued that boards must go beyond oversight by allocating resources, ensuring compliance, and helping define long-term security plans. He also proposed cybersecurity training for board members, covering topics like ransomware and AI-driven threats.