Report: ASD’s annual Cyber Threat Report finds cyber crime on the rise and AUKUS at risk

According to the ASD’s Cyber Threat Report 2022–23, cyber crime reporting has risen by 23 per cent year on year.

That equates to 94,000 reports made to the Australian Cyber Security Centre for the financial year, or an average of nearly 300 reports every day.

The Australian Cyber Security Hotline alone accounted for 33,000 calls, a 32 per cent increase on the previous period.

The report also reveals the cost of cybercrime, and it’s hitting medium-sized businesses particularly hard. The average per-report cost of a cyber incident is $97,200 for mid-sized businesses, while for large organisations, it is $71,600. Small businesses aren’t getting off cheaply, either, with cyber attacks costing smaller operators $46,000 per incident.

Deputy Prime Minister and Minister for Defence Richard Marles said the report paints a stark picture.

“The annual Cyber Threat Report demonstrates how governments, businesses and critical infrastructure networks have been targeted by state and non-state actors, with the aim to destabilise and disrupt,” Minister Marles said in a statement.

“The report underscores the importance of ASD’s work in defending Australia’s security and prosperity and reinforces the significance of the Albanese government’s investment in ASD’s cyber and intelligence capabilities under Project REDSPICE.”

Ransomware remains a key part of the threat landscape, with over 10 per cent of the incidents that the ASD actively responded to related to data theft and extortion. The ASD responded to more than 1,100 incidents over the reporting period. The ASD also reported more ransomware incidents to victims this year – the directorate informed 158 organisations of ransomware activity, compared to 148 in the previous reporting period.

VIEW ALL

However, ransomware is not the key cause for concern for Australian businesses. The top three crimes reported by Australian businesses were email compromise, fraud related to business email compromise, and online banking fraud.

For individuals, however, identity fraud was the most commonly reported cyber crime, followed by online banking fraud and online shopping fraud.

But while cybercrime is on the rise, state-based actors are increasingly targeting Australia’s critical infrastructure. The ASD responded to 143 incidents regarding attacks on critical infrastructure, largely looking to gather data or disrupt critical business systems. Russia and China have been particularly active in this area, and the ASD warns that the AUKUS treaty – which will see Australia begin operations of nuclear submarines – will almost certainly be a prime target in the future.

“The AUKUS partnership, with its focus on nuclear submarines and other advanced military capabilities, is likely a target for state actors looking to steal intellectual property for their own military programs,” the ASD said in its report.

“Cyber operations are increasingly the preferred vector for state actors to conduct espionage and foreign interference.”

The report notes that while criminals and threat actors are certainly being active, there has also been a 20 per cent rise in common vulnerabilities and exposures, or CVEs. These flaws are being exploited, with one in five CVEs being exploited within 24 hours of discovery. The response to this challenge, according to the ASD, is not just a technical one, but cultural as well.

“To boost cyber security, Australia must consider not only technical controls such as ASD’s Essential Eight but also growing a positive cyber secure culture across business and the community,” the report said.

“This includes prioritising secure-by-design and secure-by-default products during both development (vendors) and procurement (customers).”

Professor Nigel Phair, Department of Software Systems and Cybersecurity, Faculty of Information Technology, believes the report marks an important wake-up call for the Australian cybersecurity industry and the wider population.

"Year-on-year, the Australian Signals Directorate has received another substantial increase in reports of cybercrime. This has been a consistent pattern for a number of years now and will continue to increase until Australian organisations start putting more effort into cyber security and the risk management of their information assets," Professor Phair told Cyber Daily via email.

"The cost of these cyber attacks is also increasing, resulting in greater harm to businesses and individuals. Cybercrime remains one of the biggest threats to Australian organisations as cyber criminals continually adapt their tools and techniques for greater success," Professor Phair said.

"Australia needs more tertiary qualified cyber security professionals working to support the government and the private sector to protect against these increasing cyber threats."

Andrew Wilson, CEO cybersecurity specialist Senetas, is pleased to see the report focus on the importance of patching critical systems.

"In the ASD report, we're reminded of two persistent challenges in the enterprise threat landscape: insufficient patching and the risky overlap of IT and operational technology (OT) networks. As a global leader in this area, we really want to emphasise the importance of specialised network encryption solutions," Wilson told Cyber Daily via email.

"These should be exclusively dedicated to security, not split between tasks like routing and encrypting data. This focused approach to encryption is a key factor in our success with the US federal government and Australian defence sectors. Recognising the threat of compromised IT networks as a backdoor to OT environments is critical, especially for the increasing number of organisations that find themselves falling under the Security of Critical Infrastructure Act. Additionally, encrypting networks and ensuring authentication to prevent malware infiltration are essential steps for robust IT security. We couldn't be more pleased to see the ASD report specifically call this out as an area for senior business leaders to consider in the months to come."

You can read the full 80-page report here.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.