Fraud is the most common cybercrime targeting Australians, with more than 87,000 reports made to the ASD in 2023-24.
The Australian Signals Directorate (ASD) has released its Annual Cyber Threats Report for 2023-2024and while some figures show an overall improvement in the threat landscape, others show new trends in cybercrime affecting Australian individuals and organizations.
Perhaps the key figure is that the ASD received more than 87,400 reports of cybercrime, a drop of 7 percent from the previous year.
However, this still equates to one report every six minutes, which is not that far off from previous years’ figures.
However, calls to the Australian Cyber Security Helpline increased by 12%, with more than 36,700 calls answered, or 100 calls per day, compared to 90 calls per day last year.
The average cost of cybercrime to individuals – that is, self-reported incidents – has unfortunately increased to $30,700, an increase of 12 percent, while the average cost to businesses has decreased overall of 8 percent, but it is not distributed evenly among companies. of different sizes.
The most commonly reported cybercrimes affecting individuals were identity fraud (26 percent of all reports), online shopping fraud (15 percent), and online banking fraud (12 percent).
Large businesses saw their costs decrease by 11 percent to an average cost of $63,600, and medium-sized businesses saw their costs decrease significantly to $62,000, a drop of 35 percent.
However, small businesses appear to be most affected by the threat of cybercrime, with costs per report averaging $49,600, an increase of 8% from last year.
Email compromise was the most common attack vector against businesses, accounting for 26 percent of all reports, followed by online banking fraud with 15 percent and business email compromise fraud with 12 percent.
Critical infrastructure was also the target of malicious actors, with the most common form of incident involving compromised accounts or credentials. Thirty-two percent of all reported cybersecurity incidents involved this vector, followed by malware with 17 percent of all reports and compromise of assets, networks or infrastructure with 12 percent.
More than 90 critical infrastructure entities have been notified by the ASD regarding malicious cyber activity.
Twelve percent of all attacks involved ransomware, an increase of 3 percent from the previous year.
“This year’s report highlights the cyber threat to Australian governments, critical infrastructure, businesses and households. This demonstrates how malicious state actors and cybercriminals continue to adapt their trade to attempt to compromise Australian networks,” Richard Marles, Deputy Prime Minister and Minister for Defence, said in the report’s foreword.
“These circumstances highlight the important role cyber capabilities play in safeguarding our national security and the critical role the ASD continues to play in protecting Australians.”
The ASD response
The ASD responded directly to more than 1,100 incidents, roughly the same number as last year, and notified 930 entities of potentially malicious activity.
Australia’s domain name protection system has been busy, blocking 82 million attempts to access malicious domains, an increase of 21 percent. Similarly, the ASD’s domain removal service requested 49 percent more removals than last year, totaling more than 189,000 requests.
Threat intelligence sharing with international partners also increased, up 66%, with 1,372,400 indicators of compromise shared with more than 400 partners.
The ASD has also worked on programs involving improving cyber hygiene, remediating cyber uplift, measuring cyber maturity, and strengthening critical infrastructure.
Sarah Sloan, Palo Alto Networks Head of Government Affairs and Public Policy for ANZ and Indonesia, was keen to support the work of ASD over the past 12 months.
“We congratulate the Australian Government on the release of the Australian Signals report Annual Cyber Threats Report 2023-2024. The report’s findings closely align with Palo Alto Networks’ Unit 42 threat intelligence, which confirms the increasing speed, scale and sophistication of cyber adversaries,” said Sloan.
“This highlights the critical need for organizations to adopt cybersecurity best practices, including near real-time incident detection and response capabilities. »