Cyber crime in Australia increased 13% in the last year

An image of a digital padlock with code around it
(Image credit: Shutterstock)

Cyber crime in Australia increased by nearly 13% in the past year as more Australians significantly increased their dependence on the internet to work remotely, access services and information, and communicate.

During the 2020-21 financial year, the Australia Cyber Security Centre (ACSC) received over 67,500 cyber crime reports, equating to one report of a cyber attack every eight minutes. This is compared to one report every 10 minutes the previous year, the organisation stated in its latest ACSC Annual Cyber Threat report.

The ACSC categorised a higher proportion of cyber security incidents as “substantial” in impact, due to an increased reporting of attacks on larger organisations and the observed impact of the attacks on the victims. The organisation said this was compounded by the increased complexity and sophistication of attackers’ operations.

It revealed that malicious actors exploited the pandemic through spear phishing emails that were associated with COVID-related topics, encouraging victims to enter personal credentials for access to COVID-related information or services.

The ACSC said that the health care sector was a significant target of ransomware attacks, with criminals hoping to “leverage critical services to increase the motivation of victims to pay ransoms”.

The assistant minister for Defence, Andrew Hastie, said that cyber is the new battleground, adding that it's a team effort and a shared responsibility to lift the nation’s cyber defences by implementing cyber security measures.


The business guide to ransomware

Everything you need to know to keep your company afloat


“Malicious cyber criminals are escalating their attacks on Australians. We need all Australians to be vigilant by taking simple cyber security steps including using strong passphrases, enabling two-factor authentication, updating software and devices and maintaining regular data backups, as well as being on guard against malicious emails and texts,” he said.

Around a quarter of cyber incidents reported were associated with the country’s critical infrastructure or essential services, and the ACSC also recorded a 15% increase in ransomware reports, calling it “one of the most significant threats” to organisations. Ransom demands ranged from thousands to millions of dollars.

Malicious actors, state and criminal ones, rapidly exploited security vulnerabilities, at times within hours of public disclosure, patch release, or technical write up “particularly if proof of concept code that identified the vulnerabilities in systems was also released”.

The ACSC said that business email compromise (BEC) continues to be a major threat to businesses and government enterprises, especially as more Australians work remotely. The average loss per successful event increased to over AUD$50,600 (£26,827), over one and a half times higher than the previous year.

Zach Marzouk

Zach Marzouk is a former ITPro, CloudPro, and ChannelPro staff writer, covering topics like security, privacy, worker rights, and startups, primarily in the Asia Pacific and the US regions. Zach joined ITPro in 2017 where he was introduced to the world of B2B technology as a junior staff writer, before he returned to Argentina in 2018, working in communications and as a copywriter. In 2021, he made his way back to ITPro as a staff writer during the pandemic, before joining the world of freelance in 2022.