ASD Annual Cyber Threat Report 2022–23

The Australian Signals Directorate (ASD) has released its Annual Cyber Threat Report 2022–23. The report describes the persistent challenges posed by malicious cyber activity and gives an overview of key cyber threats and incidents.

Key cyber threats

The report highlights several key cyber threat trends observed during the reporting period.

State actors focused on critical infrastructure – data theft and disruption of business

State actors displayed a heightened focus on critical infrastructure, employing tactics such as data theft and disruption of business operations. Globally, government and critical infrastructure networks faced targeted attacks from state cyber actors engaged in information-gathering campaigns or disruptive activities. Notably, the AUKUS partnership, with its emphasis on advanced military capabilities, emerged as a likely target for state actors seeking to pilfer intellectual property for their own military programs.

Australian critical infrastructure was targeted via increasingly interconnected systems

The interconnected nature of Australian critical infrastructure was a prominent theme, with operational technology linked to the internet providing malicious actors with opportunities to launch cyber-attacks. The ASD responded to 143 cybersecurity incidents related to critical infrastructure during the reporting period, underscoring the vulnerability of these essential systems.

Cybercriminals continued to adapt tactics to extract maximum payment from victims

The report outlines the adaptability of cybercriminal tactics aimed at extracting maximum payments from victims. Cybercriminals, driven by a global industry of access brokers and extortionists, continued to evolve their operations against Australian organisations. The ASD responded to 127 extortion-related incidents, with 118 involving ransomware or other forms of restricting access to systems, files, or accounts. Business email compromise and denial-of-service attacks by hacktivists also remained persistent threats, significantly impacting organisations’ operations.

Data breaches and exploitation of vulnerabilities

Millions of Australians were affected by significant data breaches, resulting in the exposure of personal information on the dark web. Alarmingly, one in five critical vulnerabilities was exploited within 48 hours, despite available patching or mitigation advice. Malicious cyber actors capitalised on these flaws, causing substantial incidents and compromising networks due to inadequate patching.

Year in review

Throughout 2022–23 there were nearly 94,000 cybercrime reports, up 23 per cent compared to the previous year.

The average cost of cybercrime per report went up 14 per cent, with the average cost ranging from $46,000 for small businesses to $97,200 for medium-sized businesses.

The top three cybercrime types for individuals were identity fraud, online banking fraud, and online shopping fraud, while for businesses they were email compromise, business email compromise (BEC) fraud, and online banking fraud.

The ASD responded to over 1,100 cyber security incidents, 10 per cent of which included ransomware.

The top 10 reporting sectors were: federal government; state and local government; professional, scientific and technical services; education and training; healthcare and social assistance; financial and insurance services; information media and telecommunications; construction; defence; and retail trade.

Key takeaways

The ASD Annual Cyber Threat Report 2022-23 underscores the heightened risks in Australia’s cyber landscape, with state actors targeting critical infrastructure, evolving cybercriminal tactics, and widespread data breaches. Statistics reveal a significant surge in cybercrime, emphasising the imperative for collective efforts to enhance cybersecurity across sectors.

Nyman Gibson Miralis provides expert advice and representation in cases of alleged cybercrimes.
