Key Points
- The Australian Signals Directorate received over 87,000 reports of cybercrime incidents in the last financial year.
- It's a 7 per cent decline compared to last year, but businesses and individuals are losing more money.
- ASD director-general Abigail Bradshaw warned that state-sponsored cyber operations represented a significant risk.
The people responsible for detecting and disrupting malicious cyber threats against Australia receive a new report every six minutes.
More than 87,000 cybercrime incidents were reported to the Australian Signals Directorate (ASD) in the past year.
The total number was down 7 per cent in 2023/24, yet the amount of money victims of crime lost continued to climb.
Individuals impacted by online crime lost an average of $30,700 — an increase of seven per cent — while small businesses targeted by cyber attacks lost about $50,000.
Acting Prime Minister Richard Marles said the growing cyber threat is "very concerning" and it is up to the government and people to act.
"This is a real and present threat," he told reporters on Wednesday.
The directorate is responsible for foreign signals intelligence and cyber security. It collects and analyses data from communications systems, radio frequencies and electronic transmissions.
The agency answered more than 36,000 calls to the Australian Cyber Security Hotline over the year, an annual increase of 12 per cent.
Director-general Abigail Bradshaw said the threat report coincided with a changing environment online and conflicts overseas.
"This year's threat requires a shift in the nation's cyber security posture towards stronger defences," she said.
"It is a digital landscape in which, unfortunately, none of us can switch off lest we be forcibly disconnected by malicious actors."
State-sponsored cyber operations represented a significant risk to Australia, the intelligence agency warned.
Increased competition throughout the Indo-Pacific would only escalate this risk. China, Russia, North Korea, and Iran are understood to be behind the bulk of state-sponsored operations against Australia.
"State-sponsored cyber operations increase as geo-strategic tensions change, while cybercriminals and hacktivists also continue to remain an ongoing and persistent threat," Bradshaw said.
"Over the past year, ASD and our international partners have seen malicious cyber actors revising their tactics to avoid detection and blend in with regular network traffic, techniques known as living off the land."
China and Russia were using the technique prominently.
"(China's) choice of targets and pattern of behaviour is consistent with pre-positioning for disruptive effects, rather than traditional cyber espionage operations," the report said.
The most common types of cybercrime
Of the 1100 cyber security incidents the agency responded to over the year, more than one in 10 were related to critical infrastructure.
This includes communications networks, financial services and markets, as well as data storage and processing facilities.
More than one in four self-reported cybercrimes involved identity fraud, while 15 per cent were tied to online shopping and 12 per cent to banking.
Businesses affected by cyber incidents were most likely to be impacted by compromised emails, followed by online banking frauds.
English (US) ·