ACSC Annual Threat Report

TLDR

The Australian Cyber Security Centre (ACSC) has just released its Annual Cyber Threat Report covering the period July 2021 to July 2022 (Report).  It will probably surprise nobody that along with the international security environment more broadly, the cyber threat landscape has deteriorated markedly over the review period.

Background

Cybercrime and the costs of cybercrime

Over the review period, the numbers of cybercrime and cyber security incidents increased across the board, with a noticeable spike in the number of cybercrime reports in Q1, trailing off to more consistent, but still elevated, levels across the remainder of the review period.

Financial losses due to business email compromise (BEC) increased over the period, as did the average cost per cybercrime report for businesses of all sizes.

ACSC notifications

Among the more interesting nuggets of information contained in this document, the ACSC reports that it has notified:

  • 148 entities of ransomware activity in their networks; and
  • 5 critical infrastructure entities of malicious cyber activity and vulnerabilities.

These figures suggest that the ACSC fills a critical role in notifying entities of malicious activity in their infrastructure that the entities themselves may not be aware of.

Action taken by the ACSC

The Report gives a glimpse of the scope and scale of ACSC’s activities more broadly. These include proactive measures taken to reduce threat levels, such as blocking malicious domain requests, taking down brute force attacks and domains hosting malicious software, and conducting “high priority operational tasks” such as scanning for vulnerable devices.

Geographical disparities

While it is unsurprising that there were more cybercrimes reported in Australia’s more populous States, the statistics also reveal that in the less populated States and Territories such as Western Australia and the Northern Territory, average losses per victim were the highest.

Types of cybercrime

Online fraud constituted the lion’s share of reported cybercrime. Despite its very high public profile, ransomware attacks made up only about 0.59% of all reported cybercrime over the review period.

State sponsored cybercrime

We’ve written previously about the difficulties of attributing malicious cyber activity to a particular nation state (see our article here). However defined, the ACSC is very clear that state sponsored or supported cybercrime is a prominent and persistent feature of the threat landscape. Interestingly, although the words “sophisticated” and “state based” are often used together, the Report notes that state sponsored cybercrime often relies on “relatively simple tools and techniques” because they are “effective, inexpensive and scalable” (page 30). It also means that prized “zero day” attacks can be kept in reserve for high value targets.

Operating in the “grey zone”

Continuing the theme of state sponsored activities, the Report notes the continuing prevalence of states employing cyber attack as an instrument of aggression or oppression against other states – including by spreading disinformation and launching attacks aimed at sabotaging and destabilising other states. Cyber attacks can also be undertaken as an adjunct to more conventional methods of warfare. The Report cites Ukrainian descriptions of the Russian invasion of Ukraine, for example, as “a dual war – one on the ground and one in the digital realm” (page 30). Cyber aggression operates in a “grey zone” where it may be difficult to categorise such activities as a violation of international laws.

What businesses can do to protect themselves

The Report is rounded out by some practical recommendations, including alignment to the ACSC’s “Strategies to Mitigate Cyber Security Incidents”, joining the ACSC Partnership Program and participating in the activities of the Joint Cyber Security Centres (see page 70).
