China has been cited as one of the most active countries for cybercrime attacks at New Zealand's first Cyber Security Summit in Auckland.
Jim Lewis, senior vice president for the US-based Center for Strategic and International Studies, said the most active cyber attackers were based in Russia, Iran, and China, with the latter mainly focused on economic espionage.
Lewis cited the example of an Australian company in talks recently on a deal with Chinese interests who said there had been 200 efforts to break into its IT systems to get data that would have been useful during those negotiations.
"I talked to the head of a UK security firm who said it was just a normal part of doing business with China," he said. "They want what would give them a competitive advantage in any deal they're in."
China has been a growing market for Kiwi exporters, especially dairy product exporters, since New Zealand signed a free trade agreement with Beijing in 2008,
Microsoft vice-president of security Matt Thomlinson said its customer data showed a major upsurge in ransomware attacks since February.
Thomlinson said it often starts with spear phishing - an email that appears to be from someone you know - and has now moved from being targeted at consumers to industrial scale.
The latest Symantec Internet Security Threat Report estimated ransomware attacks in New Zealand averaged 108 per day.
The rise of bitcoin, a digital currency, is one reason for the upsurge in ransomware, said Bejtlich.
Mandatory reporting by companies that have been hacked can help others learn what's needed to tighten security, Lewis said.
"People don't like it because it can have a share price effect. That usually only lasts a quarter, though the effects on the brand can be longer-lasting," he said. "Greater transparency creates market incentives for companies to do better on cyber security."
New Zealand proposes replacing the current voluntary data breach reporting with a mandatory requirement, in draft legislation that should emerge by early next year.
