Australia’s increasing reliance on digital technology makes it an attractive target for both state-sponsored and criminal cyber actors, with the threat environment growing in complexity and severity. In FY2024-25, ASD’s ACSC reported a significant rise in incidents, underscoring the urgent need for all entities and individuals to uplift their cyber resilience.
The Threat Landscape: Key Statistics (FY2024-25)
The cyber threat landscape saw notable increases across multiple metrics:
| Metric | Detail | Change from Previous Year |
| Cyber Incidents Responded to | Over 1,200 cyber security incidents. | ↑ 11% |
| Cyber Security Hotline Calls | Over 42,500 calls answered. | ↑ 16% |
| Notifications of Malicious Activity | Entities notified over 1,700 times of potential malicious activity. | ↑ 83% |
| Critical Infrastructure (CI) Notifications | CI entities notified over 190 times of potential malicious activity. | ↑ 111% |
| Denial of Service (DoS/DDoS) | Responded to more than 200 incidents. | ↑ >280% |
| Average Cybercrime Loss (Large Business) | Self-reported cost per report: $202,700. | ↑ 219% |
| Top Cybercrime for Individuals | Identity fraud remained the top reported cybercrime. | ↑ 8% |
Source: Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Annual Cyber Threat Report 2024-25.
Major Threats
- State-Sponsored Actors: These actors pose a serious and growing threat, targeting government, Critical Infrastructure (CI), and businesses to conduct espionage, steal sensitive information, and position for potential disruptive and destructive cyber effects. They are increasingly adopting sophisticated “Living off the land” (LOTL) tradecraft to evade detection by blending in with normal network activities.
- Cybercrime: Financially motivated cybercriminals continue to challenge Australia’s economic prosperity, with increasing frequency of ransomware attacks and data breaches. They are aggressively pursuing credential theft, purchasing usernames and passwords from the dark web to compromise accounts.
- Emerging Risks: The prevalence of Artificial Intelligence (AI) is almost certainly enabling malicious actors to execute attacks on a larger scale and at a faster rate.
Recommendations for Resilience
The 4 “Big Moves” for Businesses and Network Owners:
Businesses should operate with a mindset of ‘assume compromise’ and prioritise the assets that need the most protection. ASD recommends focusing on these four actions to bolster cyber defences:
- Implement Best-Practice Logging: Ensure comprehensive logging to detect sophisticated threats like LOTL.
- Replace Legacy IT: Remove outdated systems that are difficult to monitor and secure.
- Effectively Manage Third-Party Risk: Address vulnerabilities introduced by supply chains and partners.
- Prepare for Post-Quantum Cryptography: Start planning now for effective transition plans to operate securely beyond 2030.
Basic Actions for Every Individual:
Implementing these simple mitigations can prevent most cyber incidents reported to the ACSC:
- Use strong Multi-Factor Authentication (MFA) wherever possible.
- Use strong and unique passwords or passphrases.
- Keep software on all devices updated.
- Be alert for phishing messages and scams.
- Regularly back up important data.
Report Suspicious Activity: Organisations and individuals must report suspicious cyber activity, incidents, and vulnerabilities to Report Cyber at cyber.gov.au
