Australia’s 2024-2025 Cyber Threat Report Reveals Key Security Trends
▼ Summary
– Australia’s increasing digital dependency makes it an attractive target for both criminal and state-sponsored cyber actors.
– Reported cyber incidents and notifications of malicious activity rose significantly, with a 16% increase in hotline calls and an 83% jump in threat notifications.
– State-sponsored cyber actors pose a serious threat by targeting government networks, critical infrastructure, and businesses to disrupt services and communications.
– Cybercrime is escalating with higher financial losses, more ransomware attacks, and credential theft using stolen data from the dark web.
– The ASD recommends basic cyber hygiene for individuals and strategic “big moves” for businesses, including logging, updating IT, and preparing for post-quantum cryptography.
Australia’s digital landscape faces escalating cybersecurity threats, as detailed in the latest annual report from the Australian Signals Directorate. The findings reveal a sharp rise in malicious cyber activity, reinforcing the urgent need for enhanced protective measures across all sectors. Australia’s growing reliance on internet-connected technology makes it a prime target for both criminal and state-sponsored cyber actors, driving a significant uptick in incidents and financial losses.
During the 2024–2025 financial year, the Australian Cyber Security Centre fielded more than 42,500 calls to its hotline, a 16 percent increase from the previous period. The agency also responded to over 1,200 cybersecurity incidents, marking an 11 percent rise. Perhaps most telling, organizations received more than 1,700 notifications about potential malicious activity, an 83 percent jump that underscores the persistent and evolving nature of these threats.
State-backed cyber actors remain a serious and expanding danger, targeting government networks, critical infrastructure, and private enterprises. These groups often aim to disrupt essential services or compromise communications during times of strategic importance. Meanwhile, cybercrime continues to inflict substantial economic and social harm. Reported financial losses climbed, ransomware attacks grew more frequent, and data breaches increased across the board. Criminals are aggressively stealing and purchasing credentials from the dark web to access email, social media, and financial accounts.
Attackers frequently exploit vulnerabilities in both technology and security practices. Internet-facing weaknesses in edge devices are especially common, requiring diligent monitoring and secure configuration by network owners. Sophisticated “living off the land” techniques have persisted, forcing defenders to focus more on detecting subtle behavioral anomalies to identify advanced threats.
The proliferation of artificial intelligence is enabling malicious actors to launch attacks faster and on a broader scale. As Australia’s adoption of connected technologies expands, so do the opportunities for cyber exploitation. Critical infrastructure remains a high-value target due to its vast stores of sensitive data and its role in supporting the national economy. In the last reporting period, critical infrastructure entities were alerted to potential cyber intrusions on their networks more than 190 times, a staggering 111 percent increase.
In response, the report urges individuals and organizations to strengthen their cyber resilience through foundational security practices. Everyone can improve their defenses by adopting a few essential habits: use strong multi-factor authentication wherever possible, create unique and robust passwords or passphrases, keep all software updated, stay vigilant against phishing attempts, and perform regular backups of important data. Implementing these basic steps can prevent the majority of incidents reported to the ACSC.
Businesses are advised to adopt an “assume compromise” mindset and identify which assets, their “crown jewels”, require the highest level of protection. The ASD recommends four key actions to reinforce cyber defenses: implement best-practice logging, replace outdated legacy systems, manage third-party risks effectively, and prepare for the arrival of post-quantum cryptography. For organizations using operational technology, best practices include isolating critical OT systems and having a recovery plan in place.
Large enterprises should prioritize secure-by-design and secure-by-default principles when developing or deploying technology. This approach helps build modern networks that inherently protect data and systems. Looking ahead, emerging technologies like post-quantum cryptography will present fresh challenges. The ACSC is collaborating with Australian industry and partners to safeguard communications and sensitive information. Transition planning for a post-quantum computing environment is essential for operational readiness beyond 2030, and those preparations must begin immediately.
Businesses integrating artificial intelligence must do so safely, ensuring that security is embedded throughout the adoption process. Finally, the report stresses the importance of reporting any suspicious cyber activity, incidents, or vulnerabilities through ReportCyber or the Australian Cyber Security Hotline.
(Source: ITWire Australia)