COVID-19: useful cyber security resources

New Zealand’s National Cyber Security Centre (NCSC) is encouraging organisations to maintain a high level of cyber security resilience and awareness during the national response to COVID-19. Cyber actors are likely to exploit public concern around COVID-19, and all organisations should ensure they have robust cyber security measures in place.

On this page we’ve compiled a list of resources produced by our partner agencies and other trusted organisations to help address cyber security challenges that are likely to emerge as more people work from home. We intend to regularly update this page as further information becomes available.

Update for June 26th, 2020

Update for June 3rd, 2020

Update for May 25th, 2020

  • The Australian Cyber Security Centre (ACSC) has released advice for critical infrastructure providers who are deploying business continuity plans for Operational Technology Environments (OTE)/Industrial Control Systems (ICS) during the COVID-19 pandemic.

Update for May 13th, 2020

Update for May 6th, 2020

  • The UK's NCSC and the USA's CISA have issued a joint alert to update on malicious cyber activity during COVID-19. This alert focuses on password-spraying campaigns targeting healthcare entities and essential services.

Update for May 4th, 2020

Update for April 30th, 2020

  • The USA's Cybersecurity and Infrastructure Security Agency (CISA) has posted an alert containing a list of recommended security configurations for organisations deploying Microsoft Office 365.

Update for April 24th, 2020

  • The UK's NCSC has launched a new Cyber Aware campaign which aims to help individuals and organisations to protect themselves online, especially in the context of the COVID-19 pandemic.

Updates for April 21st, 2020

Update for April 14th, 2020

  • The Australian Cyber Security Centre (ACSC) has produced a guide to help small businesses protect against cyber attacks and disruptions during COVID-19.

Update for April 9th, 2020

  • The USA's Cybersecurity and Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre (NCSC) have issued a joint alert to provide information on exploitation of the COVID-19 pandemic by cybercriminal and advanced persistent threat groups.

Update for April 6th, 2020

Updates for March 20th to 26th, 2020

  • Criminals are using the names of legitimate entities such as the World Health Organisation (WHO) or the U.S. Centres for Disease Control and Prevention (CDC) in attempts to obtain personal information or funds. Read the warning issued by the WHO for further information.