Cyber threat: How AI, household devices are being weaponised against Australians

ASIO has revealed hostile nations are testing Australia's cyber defences daily as criminals harness AI to launch increasingly sophisticated attacks on businesses and homes.

Sarah Simpkins

3 min read

November 13, 2025 - 4:58PM

The Australian Business Network

Australian businesses and individuals could be targeted by state-backed hackers, ASIO and Department of Home Affairs have warned.

Scams

Don't miss out on the headlines from Scams. Followed categories will be added to My News.

State-backed hackers and criminals are using AI to mimic voices and government documents, and breaking into networks through devices like baby monitors, cyber attack experts have warned.

ASIO director-general Mike Burgess yesterday warned business leaders they are facing a new and aggressive wave of corporate espionage and cyber-enabled sabotage, saying state nations such as China and Russia are backing hackers and targeting critical infrastructure worldwide, to cause economic damage and diminish military capabilities.

In apparent reference to China, Mr Burgess said ASIO is aware of “one nation state” which is probing Australia’s networks and testing everyday for vulnerabilities.

ASIO Director-General Mike Burgess says state nations like China and Russia have hackers targeting critical infrastructure. Image: Jane Dempster/The Australian.

■ MOST READ: Australia’s top young entrepreneurs revealed

Speaking at the Association of Super Funds of Australia (ASFA) conference yesterday, he said the Australian Signals Directorate (ASD) has issued warnings about state-backed actors being able to create botnets – networks of compromised devices, which are infected by malware and controlled remotely.

“ASD put out some advisories last year talking about how actors like China are creating these botnets and the way they create these nets to penetrate our networks is to target individual devices, that you might have at home, be it your webcam or your baby monitor or your fridge – devices which have not been patched or legacy devices,” he said.

There had also been a rise in criminals using AI to scale up attacks and improve their efficiency, Mr Wong said.

“How it may manifest itself from a practical point of view is they might be able to generate some really official looking documents or you may get [an AI] faking someone’s voice,” he said.

“They have this ability now with AI to generate some really genuine interactions with staff, that’s presenting a threat.”

The Department of Home Affairs had also seen a rise in “infostealers” – malicious software residing on computers or in internet browsers, Mr Wong said.

In the last financial year, the ASD received 84,700 cybercrime reports in Australia – on average, one every six minutes.

The average self-reported cost of the crimes for individuals was $33,000 while businesses lost up to $202,700.

AI can be used to overcome security checks, experts have warned.

She said systems which verify consumers’ identity, by using photos of their ID or having them take “live selfies”, where they have to video themselves turning their head, could be easily overcome by AI which can create a video from a photograph.

“It is unfortunately a bit of an arms race, every time we plug a gap, organised crime, state controlled actors, they find ways around it,” she said.

“The technology changes it. Any sort of risk management and particularly within money laundering, it’s not a set and forget, it is a practice you need to revisit regularly.”

But keeping punters safe could also irritate them, as security had to be traded for convenience, she said.

“The easier we make it for customers, unfortunately, the reality is that it also makes it easier for criminals,” Ms Miller said.

“If you want things to be really secure, you may get to a point where it’s not as convenient for customers.

“It’s about introducing a bit more friction, slowing things down, giving time for checks to be made.”

However AI is tipped to be a warm up round for quantum computing, or supercomputers, which are expected to arrive from 2030 to 2040.

AI hackers are using everyday devices to infiltrate Australian homes.

Laura Catterick, the director of resilience and cyber at banking industry body UK Finance said the current encryption used by companies will be hacked very easily with quantum computers, which can process information and solve problems too complex for current everyday computers.

ASD has recommended organisations start to form a plan for when quantum computing arrives, and then have protections in place from 2030.

Over the last financial year, Mr Wong said there had also been a 300 per cent rise in “hacktivists” – activist groups which disrupted or defaced company websites, or blocked portals.

Ms Catterick said there had been attacks on large companies in the UK this year, including Marks and Spencers, Harrods and Jaguar Land Rover.

The Jaguar Land Rover attack in particular was estimated to have cost the car manufacturer up to $4 billion, as it shut down global production for multiple weeks.

“Typically ransomware attacks is what we’re seeing are things that are taking out organisations,” Ms Catterick said.

She added companies also faced risk from insiders within their organisation and weak points in their supply chain.