Rise in cyber attacks against Australia from criminals, states

SYDNEY (Reuters) – Cyber attacks against Australia from criminals and state-sponsored groups jumped last financial year, with a government report released on Friday equating the assault to one attack every seven minutes.

The Australian Cyber Security Centre (ACSC) received 76,000 cybercrime reports last financial year, up 13% from the previous period, according to its latest annual cyber threat report.

While just over half of attacks targeted individuals for fraud and theft, the report warned that state-sponsored attackers made cyberspace a “battleground” and cited attacks from China’s Ministry of State Security, Iran and Russian state-linked groups.

Multiple cyber attacks

Multiple attacks against Australian essential services were thwarted over the period, including a November 2021 attack on government-owned utility CS Energy, responsible for a tenth of the nation’s electricity output.

“It’s a huge wakeup call and companies need to get their act together…we need to do much better,” Prime Minister Anthony Albanese said at a news conference on Friday.

“The government has stepped up, the private sector needs to step up in the interest of their customers but also their own interest.”

The ACSC, part of the intelligence-collecting Signals Directorate, reported 95 cyber incidents impacting critical infrastructure last fiscal year.

The third annual report covers the period before high-profile hacks at Australia’s second-largest telecoms company Optus, owned by Singapore Telecommunications Ltd, and its biggest health insurer Medibank Private Ltd, which combined compromised some 14 million customer accounts.

The report underscored accusations that the Optus and Medibank hacks were relatively unsophisticated, blaming the majority of major incidents on inadequate software updates.

Australia understaffed in cybersecurity

Experts told Reuters last week a skills shortage is making it harder for Australia’s understaffed and overworked cybersecurity specialists to stop breaches.

Business losses attributable to cybercrime rose on average 14% over the period, with the average crime costing a small business A$39,000 ($24,540).

The jump in attacks and damage is making insurers wary and premiums in Australia jumped 56% year-on-year in the second quarter, according to Marsh & McLennan Companies Inc.

($1 = 1.5891 Australian dollars)

(Reporting by Lewis Jackson; Editing by Alasdair Pal, Stephen Coates and Kim Coghill)