Australia has seen an increase in the number and sophistication of cyber threats, making crimes like extortion, espionage, and fraud easier to replicate at a greater scale. That’s according to the third Annual Cyber Threat Report by the Australian Cyber Security Centre (ACSC).

It received over 76,000 cybercrime reports, an increase of nearly 13 per cent from the previous financial year, said the report, covering the year July 2021 to June 2022. As elsewhere, ransomware remains the most destructive cybercrime; critical infrastructure networks are increasingly targeted; and (like its UK equivalent the NCSC) the ACSC has singled out Russia, China and Iran as using cyber operations ‘to challenge the sovereignty of others’.

What may be particular to Australia, as identified by the ACSC, is the country’s prosperity, which makes it attractive to cybercriminals. “In 2021–22, cyber crimes directed at individuals, such as online banking and shopping compromise, remained among the most common, while Business Email Compromise (BEC) trended towards targeting high value transactions,” such as buying and selling property, the ACSC said.

Earlier this month, Australians’ personal data that was stolen from private health insurer Medibank Private and appeared on the dark web included names, addresses, dates of birth, phone numbers, email addresses, Medicare numbers for AHM customers (not expiry dates), in some cases passport numbers for international students (not expiry dates), and some health claims data. Weeks earlier came the Optus data breach.

Comment

Charl van der Walt, head of security research at Orange Cyberdefense, said that in terms of ransomware and ‘cyber extortion’ (Cy-X), cyber criminal gangs have typically targeted large, English-speaking countries such as the United States and Canada due to the size of their economies, and the fact that they don’t present a language or cultural barrier for many groups. “Of the ten countries with the highest number of recorded victims over the past year, seven are also counted among the world’s largest economies measured by GDP. The reasoning is simple: the bigger the economy, the more business and more potential victims there will be, and the higher chance there will be of successful compromise.

“However, our data shows that threat actor groups are changing their behaviour and preferred targets, which could be the reason for the spike in attacks seen in Australia. Over the last year, we’ve observed an 8pc fall in victims in the US and a notable 32pc reduction in Canada. As well as the decrease in North America, we’re seeing the geography of attacks shifting from this area through the UK and Western Europe (which have seen victim numbers fall by 34pc and 20pc respectively over the past six months), and towards the rest of the world. The number of victims in East and Southeast Asia grew by 30pc and 33pc over the same period.

“Australia presents a unique opportunity as threat actors look for new targets away from their norm. It is an English-speaking nation, with similar working practices and cultures to the US and UK, compared to those of Asian countries. This makes it far easier for cybercriminals to conduct convincing phishing attacks and far more likely that those targeted will fall for the malicious emails landing in their inboxes. Attacks in this region are not particularly high yet – with our data showing between two and four incidents a month – observable Cy-X attacks increased by 8pc in Australia and New Zealand between October 2021 and 2022, and we anticipate this figure to keep rising.”