• Skip to content
  • Skip to navigation
Global site
  • Global site
  • Algeria
  • Botswana
  • Cameroon
  • Egypt
  • Ethiopia
  • Gabon
  • Guinea
  • Kenya
  • Libya
  • Malawi
  • Mauritius
  • Morocco
  • Namibia
  • Nigeria
  • Senegal
  • South Africa
  • Togo
  • Tunisia
  • Uganda
  • Zambia
  • Zimbabwe
  • Anguilla
  • Antigua
  • Argentina
  • Aruba, Bonaire, Curacao and St. Maarten
  • Bahamas
  • Barbados
  • Bolivia
  • Brazil
  • British Virgin Islands
  • Canada LLP
  • Canada RCGT
  • Cayman Islands
  • Chile
  • Colombia
  • Costa Rica
  • Dominica
  • Ecuador
  • El Salvador
  • Grenada
  • Guatemala
  • Honduras
  • Mexico
  • Montserrat
  • Nicaragua
  • Panama
  • Paraguay
  • Peru
  • Puerto Rico
  • St Kitts
  • St Lucia
  • St Vincent and the Grenadines
  • Trinidad & Tobago
  • Turks and Caicos Islands
  • United States
  • Uruguay
  • Venezuela
  • Afghanistan
  • Australia
  • Bangladesh
  • Cambodia
  • China
  • Hong Kong
  • India
  • Indonesia
  • Japan
  • Korea
  • Malaysia
  • Mongolia
  • Myanmar
  • New Zealand
  • Pakistan
  • Philippines
  • Singapore
  • Taiwan
  • Thailand
  • Vietnam
  • Albania
  • Armenia
  • Austria
  • Azerbaijan
  • Belarus
  • Belgium
  • Bosnia and Herzegovina
  • Bulgaria
  • Channel Islands
  • Croatia
  • Cyprus
  • Czech Republic
  • Denmark
  • Estonia
  • Finland
  • France
  • Georgia
  • Germany
  • Gibraltar
  • Greece
  • Hungary
  • Iceland
  • Ireland
  • Isle of Man
  • Israel
  • Italy - Bernoni
  • Italy - Ria
  • Kazakhstan
  • Kosovo
  • Kyrgyzstan
  • Latvia
  • Liechtenstein
  • Lithuania
  • Luxembourg
  • Malta
  • Moldova
  • Monaco
  • Netherlands
  • North Macedonia
  • Northern Ireland
  • Norway
  • Poland
  • Portugal
  • Romania
  • Russia
  • Serbia
  • Slovak Republic
  • Slovenia
  • Spain
  • Sweden
  • Switzerland
  • Tajikistan
  • Turkey
  • Ukraine
  • UK
  • Uzbekistan
  • Bahrain
  • Egypt
  • Jordan
  • Kuwait
  • Lebanon
  • Oman
  • Qatar
  • Saudi Arabia
  • United Arab Emirates
  • Yemen
Grant Thorton Logo

Grant Thornton Logo Grant Thornton logo

  • Meet our people
  • Insights
  • Services
  • Industries
  • Careers
  • Locations
  • Business advisory services
  • Financial advisory services
  • Tax
  • Audit
  • Operational advisory
Business advisory services Home
  • NZTE support for businesses impacted by COVID-19
Financial advisory services Home
  • Asia Services Group
  • Business valuations
  • Capital markets
  • Complex and international services
  • Corporate insolvency
  • Debt advisory
  • Expert witness
  • Financial models
  • Forensic and investigation services
  • Independent business review
  • IT forensics
  • Mergers and acquisitions
  • Raising finance
  • Relationship property services
  • Restructuring and turnaround
  • Transaction advisory
Tax Home
  • Corporate tax
  • Employment tax
  • Global mobility services
  • GST
  • International tax
  • Research and Development
  • Tax compliance
  • Transfer pricing
Audit Home
  • Audit methodology
  • Audit technology
  • Financial reporting advisory
Operational advisory Home
  • Business architecture
  • Internal audit
  • IT advisory
  • IT privacy and security
  • PCI DSS
  • Process improvement
  • Procurement/supply chain
  • Project assurance
  • Risk management
  • Robotic process automation (RPA)
  • Energy and resources
  • Financial services
  • Food and beverage
  • Health and aged care
  • Media and entertainment
  • Not for profit
  • Professional services
  • Public sector
  • Real estate and construction
  • Grant Thornton New Zealand
  • Press releases
  • 2017
  • Number and diversity of cyber-attacks on the rise

Number and diversity of cyber-attacks on the rise

23 Feb 2017
  • Press releases
  • 2020
  • 2019
  • 2018
  • 2017
  • 2016
  • 2015
  • 2014
  • 2013
  • 2012

New figures from Grant Thornton reveal that extortion and blackmail are more common forms of cyber-attack on businesses than theft of data or intellectual property.

This comes as the volume of attacks globally has risen sharply over the last 12 months. According to Grant Thornton, the findings lay bare the diversity of the threat to businesses today and the breadth of the response needed to remain resilient.

Grant Thornton’s International Business Report (IBR) survey finds that in New Zealand, 28% of businesses surveyed have faced a cyber-attack over the past year, placing Kiwi businesses eighth in the league table of 37 countries surveyed.

Nearly one in four businesses worldwide (21%) have faced a cyber-attack over the last 12 months, compared to 15% who said the same a year ago.

Of those who were attacked, the most common form of cyber-attack cited globally was damage to their business infrastructure (22% of firms). But other forms of cyber-attack experienced include using blackmail or extortion to obtain money (17%), a more common occurrence than theft of customer financial details (12%) or theft of intellectual property (11%).

Hamish Bowen, Partner, IT Advisory and Security at Grant Thornton New Zealand says, “Blackmail and extortion have been experienced more than theft because these types of attacks exploit the weakest link in an organisation, which is often people who are unaware of how their actions can open their organisation up to some serious vulnerabilities.  The success of these attacks is also helping to fund more cyber-crime. 

“In New Zealand there’s a common misconception that our physical location somehow shields us from cyber-attacks. Unfortunately the tyranny of distance doesn’t serve us well in this instance; our physical remoteness is irrelevant to attackers and is of no consequence to the exposure to cyber-attacks.

“Businesses will face larger financial loss from reputational damage, theft of customer details and intellectual property, and infrastructural damage.

“Regardless of the type of attack, it’s not a question of ‘if’, but ‘when’ your business will be attacked, so cyber security must become a priority for all organisations.

“Our own research here in New Zealand has revealed that cyber-security is one of the key top-of mind risks for organisations, but for most, risk management is increasingly being viewed as just a compliance or box-ticking exercise; recognising the risk is insufficient to protect your organisation.”

The IBR findings also reveal that globally, of those business leaders who have faced a cyber-attack in the last 12 months, nearly one in eight (13%) only realised the attack had occurred more than a week after the event. For 4%, it took longer than a month.

Bowen says, “We need to realise security for an organisation is a system of protection, prevention and response that requires people, process and technology.  We have too often focused on the technology component leaving ourselves exposed to common threats like ransomware, because we are not investing in security training of people and improving our general security processes. 

“This requires urgency and an investment in minimising the damage when the inevitable happens.”

For further information please contact:

Hamish Bowen
Partner, IT Audit and Advisory
Grant Thornton New Zealand
T +64 (0)4 495 1539
E hamish.bowen@nz.gt.com

  • Follow us on Instagram
  • LinkedIn icon
  • Twitter icon
  • Facebook icon
CONNECTclose
  • Contact us
  • Make an enquiry/submit an RFP
  • Meet our people
  • Careers
  • Alumni
  • Locations
ABOUTclose
  • About Grant Thornton
  • Insights
  • Press
LEGALclose
  • Privacy
  • Disclaimer
  • Sitemap

© 2021 Grant Thornton International Ltd (GTIL) - All rights reserved. "Grant Thornton” refers to the brand under which the Grant Thornton member firms provide assurance, tax and advisory services to their clients and/or refers to one or more member firms, as the context requires. GTIL and the member firms are not a worldwide partnership. GTIL and each member firm is a separate legal entity. Services are delivered by the member firms. GTIL does not provide services to clients. GTIL and its member firms are not agents of, and do not obligate, one another and are not liable for one another’s acts or omissions.

    • EN