The second quarter of 2019 was a busy time for cyber attackers and online scammers, according to Cert NZ.
A record $6.5 million was lost to cyber attackers in the quarter while the number of attacks, at 1197, was the second highest ever.
There was a 41 per cent increase in scam and fraud reports, from Q1 and a 38 per cent increase in ransomware incidents.
All of that contributed to a 42 per cent increase in the number of reports Cert NZ referred to police.
"There were also 29 separate reports, totalling $62,000 in direct financial losses relating to the unauthorised access of a cryptocurrency exchange," Cert NZ reported, presumably referring to the Cryptopia hack.
"Recent reporting suggests that losses could potentially be $20-30 million, making it one of New Zealand’s costliest cyber security incidents to date."
Ransomeware attacks were mainly targeted at businesses through email attachments or out-of-date software vulnerabilities.
CERT NZ strongly recommended not paying the ransom as it does not guarantee files will be recovered.
Of the 160 ransomware attacks reported since CERT NZ launched, over 70 per cent reported some type of loss.
“Although there are some reports of financial loss, what we see from ransomware attacks are businesses reporting losses like customer information and operational capacity," said Cert NZ director Rob Pope.
"Recovery from a ransomware attack can also be incredibly time consuming, affecting a business’s ability to carry out their usual services, and can damage their reputation."
Pope said attacks can be easily mitigated by updating operating systems and software, backing up files regularly and installing antivirus software.