Skip to main content Skip to main navigation
Skip to access and inclusion page Skip to search input

No one spared from cyber threats, report finds

12:30pm November 16 2023

Malicious cyber activity continues to increase in sophistication, frequency, cost and severity, report finds. (Josh Wall)

At the heart of the government’s fourth Annual Cyber Threat report lies the warning that malicious cyber activity continues to increase in sophistication, frequency, cost and severity compared to the previous year’s findings.

It sends a familiar message: without prioritising cyber security, every Australian risks becoming victim to online adversaries.

The report was conducted by federal agency Australian Signals Directorate (ASD) in collaboration with a number of partner federal agencies and lays bare the threats to Australia's cyber environment.

The ASD received over 33,000 calls and an average of 90 calls a day to the Australian Cyber Security Hotline, up 32 per cent from the previous financial year. That’s a cybercrime reported approximately every six minutes.

Globally, critical infrastructure networks continued to be targeted, and Australian networks were no exception to malicious actors seeking to steal or encrypt sensitive data, gain insider knowledge, or degrade and disrupt services – threatening many vital systems.

Ransomware in particular remained a highly destructive cybercrime, comprising over 10 per cent of all incidents.

Australian businesses were also an attractive target for malicious actors, with the average cost of cybercrime to business increasing by 14 per cent over the financial year. 92% of businesses affected were small businesses.

It’s important for businesses to be quick on the draw when it comes to business email compromise fraud – a crime affecting over 2,000 victims and draining Aussie businesses of almost $80 million in total.

With the average Australian household having over twelve internet-connected devices, individuals are feeling the impact of rising cybercrime rates as well. Aussies lost over $3 billion to scams in 2022 according to the ACCC’s Targeting Scams report – that’s an 80 per cent increase on 2021. The big-hitting scams are identity fraud, online banking fraud, online shopping fraud and investment scams. 

Australians lost over $3 billion to scams in 2022. (Getty Images)

“In Westpac we see most of the scams categorised within the ASD report,” says Richard Johnson, Westpac’s Chief Information Security Officer, in an interview with Westpac Wire.

“We see phishing and malware attacks against customers, and we’re seeing scams on the rise – particularly romance scams, investment scams and business email compromise scams.

“Money going out through crypto exchanges are a key focus for us so that we can ensure that Australians aren’t losing their money to cybercriminals.”

The report found that the path towards a stronger cybercrime barricade involves positive cyber security culture and stringent security controls. This includes strengthening partnerships across government and industry to share intelligence and mitigation advice.

The groundwork has been laid, with the Cyber Threat Intelligence Sharing Community growing around 688 per cent to over 250 Partners by the end of June 2023. The Domain Takedown Service blocked over 127,000 attacks against Australian servers, and ASD’s Cyber Security Partnership Program grew by almost 30 per cent to over 110,000 individuals and organisations.

What you can do to protect yourself and your business

  • Patch, update or mitigate vulnerabilities within 48 hours when vulnerabilities are assessed as critical
  • Regular cyber security training to ensure staff are cautious of phishing emails
  • Turn on multi-factor authentication, and use long and unique passphrases for every account
  • Turn on automatic updates for all software, and do not ignore installation prompts
  • Regularly back up important files and device configuration settings
  • Only use reputable cloud service providers and managed service providers
  • Regularly test cybersecurity detection, incident response, business continuity & disaster recovery plans
  • Review cyber-security posture of remote workers
  • Thoroughly understand networks, map them and maintain an asset registry
  • Scrutinise the organisation’s ICT supply chain vulnerabilities and risks
  • Always call organisations and individuals back on an independently-sourced number
  • Ask personal questions to verify the identity of a known caller
  • Don’t cooperate with advisors wanting to see your device’s screen to help guide you
  • Always seek independent financial advice
  • Report cyber security incidents early to ReportCyber at

The headway made in the sector demonstrates that Australians clearly value cyber security, and it’s the collective actions of Australians that make a real contribution to the nation’s cyber resilience. As technology becomes more disruptive, and networks grow in size and complexity, so too will the sophistication of cybercrimes.

For information on scams, go to Westpac's Latest Scams and Alerts info.

Josh Wall is the Head of Video at Westpac Wire. Prior to joining the team, he spent 10 years as a video journalist and documentary filmmaker, most recently as Head of Video for the Guardian Australia. He also worked across numerous News Corp mastheads in Sydney as a presenter, producer, writer and video journalist. Josh is originally from Perth, Western Australia where he began his career by co-creating a video magazine that focused on music and the arts.

Kripa Krithivasan joined Westpac Wire in 2022 as a News Reporter. After starting her career at Westpac in 2016, Kripa took some time off to host one of Australia’s most popular podcasts for South Asian Australians, Uncultured the Podcast, and is passionate about giving marginalised voices a platform. When she’s not at work, Kripa dabbles in a bit of stand-up comedy and Bharatnatyam - classical Indian dance.

Browse topics