The Australian Signals Directorate’s Australian Cyber Security Centre’s (ASD’s ACSC’s) Annual Cyber Threat Report (ACTR) 2024–25 is now available.
The average Australian household has over a dozen internet-connected devices and Australians are spending more time online than ever before. This year’s report found that malicious cyber activity continues to affect Australians in terms of frequency, cost and severity.
The report found:
- Over 84,700 cybercrime reports were submitted to ASD’s ACSC in FY 2024–25 – an average of one report every 6 minutes, which is consistent with last year.
- The top 3 cybercrimes reported by individuals were identity fraud, online shopping fraud and online banking fraud.
In FY2024–25, ASD’s ACSC received over 42,500 calls to the Australian Cyber Security Hotline, a 16% increase from the previous year. ASD’s ACSC also responded to over 1,200 cyber security incidents, an 11% increase.
During FY2024–25, ASD’s ACSC notified entities more than 1,700 times of potentially malicious cyber activity – an 83% increase from last year – highlighting the ongoing need for vigilance and action to mitigate against persistent threats.
State-sponsored cyber actors continue to pose a serious and growing threat to our nation. They target networks operated by Australian governments, critical infrastructure (CI) and businesses for state goals. State-sponsored cyber actors may also seek to use cyber operations to degrade and disrupt Australia’s critical services and undermine our ability to communicate at a time of strategic advantage.
The threat from cybercrime also continues to challenge Australia’s economic and social prosperity, with average reported financial losses, the frequency of ransomware attacks and the number of reported data breaches all increasing throughout FY2024–25.
Cybercriminals are continuing their aggressive campaign of credential theft, purchasing stolen usernames and passwords from the dark web to access personal email, social media or financial accounts.
What you can do
Some of the most effective ways to protect yourself online are also the easiest to use, quick to set up and usually free. Take action to improve your cyber security on cyber.gov.au
Implement the basics:
- Enable multi-factor authentication (MFA) where possible, starting with your important accounts.
- Use long and unpredictable passwords, such as a passphrase.
- Use a different passphrase for each account and consider using a reputable password manager.
- Turn on automatic updates and install software updates as soon as possible.
- Be alert for phishing messages and scams, and learn how to recognise the common tricks scammers use.
- Report cyber incidents to ASD’s ACSC.
You can read the full report here.
