SIM inserted into a smartphone
Workers are welcoming reforms that mean they don't have to respond to work inquiries after hours. Image by Steven Saphore/AAP PHOTOS
  • politics

One every six minutes: the true scale of cyber attacks

Andrew Brown November 20, 2024

The people responsible for detecting and disrupting malicious cyber threats against Australia receive a new report every six minutes.

More than 87,000 cybercrime incidents were reported to the Australian Signals Directorate in the past year.

The total number was down seven per cent in 2023/24, and yet the amount of money victims of crime lost continued to climb.

Cyber crimes reported to national hotline
 More than 87,000 cyber crimes were reported to the Australian Signals Directorate last year. Image by Lukas Coch/AAP PHOTOS 

Individuals impacted by online crime lost an average of $30,700 – an increase of seven per cent – while small businesses targeted by cyber attacks lost about $50,000.

The directorate is responsible for foreign signals intelligence and cyber security. It collects and analyses data from communications systems, radio frequencies and electronic transmissions.

The agency answered more than 36,000 calls to the Australian Cyber Security Hotline over the year, an annual increase of 12 per cent.

Director-General Abigail Bradshaw said the threat report coincided with a changing environment online and conflicts overseas.

“This year’s threat requires a shift in the nation’s cyber security posture towards stronger defences,” she said.

“It is a digital landscape in which, unfortunately, none of us can switch off lest we be forcibly disconnected by malicious actors.”

Abigail Bradshaw
 Abigail Bradshaw is director-general of the Australian Signals Directorate. Image by Mick Tsikas/AAP PHOTOS 

State-sponsored cyber operations represented a significant risk to Australia, the intelligence agency warned.

Increased competition throughout the Indo-Pacific would only escalate this risk.

China, Russia, North Korea and Iran are understood to be behind the bulk of state-sponsored operations against Australia.

“State-sponsored cyber operations increase as geo-strategic tensions change, while cybercriminals and hacktivists also continue to remain an ongoing and persistent threat,” Ms Bradshaw said.

“Over the past year, ASD and our international partners have seen malicious cyber actors revising their tactics to avoid detection and blend in with regular network traffic, techniques known as living off the land.”

China and Russia were using the technique prominently.

“(China’s) choice of targets and pattern of behaviour is consistent with pre-positioning for disruptive effects, rather than traditional cyber espionage operations,” the report said.

State-sponsored cyber operations
 China, Russia, North Korea and Iran are behind most state-sponsored operations against Australia. Image by Mick Tsikas/AAP PHOTOS 

Of the 1100 cyber security incidents the agency responded to over the year, more than one in 10 were related to critical infrastructure.

This includes communications networks, financial services and markets, as well as data storage and processing facilities.

More than one in four self-reported cyber crimes involved identity fraud, while 15 per cent were tied to online shopping and 12 per cent to banking.

Businesses affected by cyber incidents were most likely to be impacted by compromised emails, followed by online banking frauds.