General Security Advisory: Understanding and preparing for cyber threats relating to tensions between Russia and Ukraine


The National Cyber Security Centre (NCSC) encourages Aotearoa New Zealand’s nationally significant organisations to consider and strengthen their cyber security readiness in response to heightened tensions between Russia and Ukraine.

Malicious cyber activity in Aotearoa New Zealand reflects international trends. Alongside heightened tensions, there is an increased potential for cyber attacks. These may have serious impact, even for countries and organisations not directly targeted. Previous examples of this include the NotPetya cyber-attack(external link) in 2018 and more recently the compromise of SolarWinds Orion software in 2020.

Aotearoa New Zealand has previously condemned(external link) the widespread disruption resulting from indiscriminate cyber campaigns conducted by Russia.

In light of the global threat environment, the NCSC recommends nationally significant organisations consider their security posture, exercise readiness, and monitor for relevant cyber security developments.


International partners have produced a range of advice to ensure readiness for specific cyber threats in the context of Russia-Ukraine tensions. For Aotearoa New Zealand, organisations may find this advice useful to consider:

Cybersecurity & Infrastructure Security Agency (CISA):

Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats(external link).

Cybersecurity & Infrastructure Security Agency (CISA):

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure(external link).

Canadian Centre for Cyber Security (CCCS):

Cyber threat bulletin: Cyber Centre urges Canadian critical infrastructure operators to raise awareness and take mitigations against known Russian-backed cyber threat activity(external link).


Click here to download this NCSC General Security Advisory [PDF, 335 KB].


For queries related to this advisory and how organisations can prepare themselves, please contact:

If you believe you have been affected by malicious cyber activity and require support, please contact: