Financial Crime World

Title: Cybercrime Surges in Australia: 94,000 Reports, Up 23%, with Financial Sector and Critical Infrastructure as Key Targets

Overview

The Australian Cyber Security Centre (ACSC) of the Australian Signals Directorate (ASD) has released its Annual Cyber Threat Report for the 2022-2023 financial year, highlighting a surge in cybercrime in Australia. With close to 94,000 reports – a 23% increase from the previous year – Australia faced a significant increase in malicious cyber activities.

Key Findings

  • Over 1,100 cybersecurity incidents were responded to by ASD.
  • Critical infrastructure was targeted in 15% of all cybersecurity incidents, resulting in 143 incidents.
  • The financial toll of cybercrime rose by 14%, with small businesses reporting an average cost of $46,000 per incident and medium businesses facing an average cost of $97,000.
  • Email compromise, business email compromise, and online banking fraud were the top cybercrime types for businesses, while identity fraud, online banking fraud, and online shopping fraud were the top categories for individuals.
  • Ransomware accounted for 10% of all responded incidents, with 158 entities notified of ransomware activity.

Threats Against Critical Infrastructure

Compromised accounts or credentials, networks, or infrastructure, and denial of service attacks were involved in 57% of the incidents targeting critical infrastructure.

Identity and Financial Fraud

Identity fraud, online banking fraud, and online shopping fraud were the most common types of cybercrimes for individuals.

Financial Impact

The financial toll of cybercrime was considerable, with an average cost of $71,600 for large businesses, $97,000 for medium businesses, and $46,000 for small businesses per incident.

Mitigating Threats

The Australian Protective Domain Name System proved to be an effective defense mechanism, blocking over 67 million malicious domain requests and a 176% increase from the previous year. The Domain Takedown Service mitigated more than 127,000 attacks against Australian servers.

Targeted Sectors

The federal government reported the most cyber security incidents (30.7%), followed closely by state and local government (12.9%).

Threat Actors

Both state and non-state actors continue to pose a serious threat to Australia’s networks, as evidenced by the report’s findings and the persistent threat of state cyber capabilities extending beyond cyber espionage campaigns to disruptive activities.

Conclusion

This report underscores the need for ongoing vigilance against cyber threats targeting Australia’s critical infrastructure and sectors. Interested readers can explore the full report linked above for a more detailed examination of major cybersecurity topics and trends.