The GCSB says its decision to name Russia as being implicated in direct hacking attacks on New Zealand was not taken lightly.

There are signs New Zealand organisations have been directly threatened by Russian state-sponsored hacking, GCSB director-general Andrew Hampton says.

"Attributing cyber incidents to particular countries is something that is carefully considered and is a step not taken lightly," he added.

The bombshell came in the wake of international concerns about Russian-backed hacks on networking equipment.

New Zealand's National Cyber Security Centre was on Tuesday pointing people to a strong-worded warning put out by the United States and Britain over "Russian state-sponsored" hacking.

READ MORE

* US, British governments warn businesses worldwide of Russian campaign to hack routers

* Cert NZ builds picture of cyber-crime

In what appeared unusually firm language, the United States Computer Emergency Response Team accused "Russian state-sponsored cyber actors" of using compromised computer network equipment to conduct a "worldwide" campaign of espionage.

The US warning said signs of the Russian government campaign to exploit weaknesses in devices such as internet routers were first detected in 2015 and threatened the safety, security, and economic well-being of the United States.

A National Cyber Security Centre (NCSC) spokesman was not able to comment on whether it had evidence New Zealand organisations had been affected by those incidents.

But Hampton said for the first time that there were indications "Russian state and state sponsored actors" were behind some of the 122 serious incidents identified in a GCSB annual report in November that had "indicators of connection to foreign intelligence agencies".

"New Zealand organisations were subject to both direct and indirect threats," he said. "Motivation for these incidents includes espionage and revenue generation."

The GCSB would not say whether any of the attacks had been successful.

Australia's Minister for Law Enforcement and Cyber Security, Angus Taylor, said in a statement that "a significant number of Australian organisations" had been targeted by the latest campaign identified by the US and Britain.

Taylor described the incidents as "unacceptable" and called on all countries, including Russia, "not to take actions that could lead to damage of critical infrastructure that provide services to the public".

"This attempt by Russia is a sharp reminder that Australian businesses and individuals are constantly targeted by malicious state and non-state actors, and we must maintain rigorous cyber security practices," he said.

New Zealand's NSCS has linked to the US warning on its website and invited Kiwi organisations that want further technical information to get in touch.

The nature of the hardware vulnerabilities listed in the US report suggest that organisations that were using industry best practice to secure their networks should not have been compromised.

Instead, it indicated the campaign targeted poorly-secured network equipment, including devices for which manufacturers' default passwords had not been changed and older routers that were no longer supported with security patches.

However, it cautioned that once broken into, those devices could be "updated" with compromised software.

Network devices were "ideal targets" for hackers, the US warning said. "A malicious actor with presence on an organisation's gateway router has the ability to monitor, modify, and deny traffic to and from the organisation."

"The FBI has high confidence that Russian state-sponsored cyber actors are using compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations," it said.