Accepting the report, Defence Minister Richard Marles said: “We are currently witnessing deteriorating strategic circumstances in our region and globally, including a military build-up unseen since World War II, and expanding cyber and grey-zone capabilities are of particular concern.” The ACSC received more than 76,000 cybercrime reports in the year to June 30, an increase of nearly 13 per cent from the previous financial year. This equates to one report every seven minutes.

Australia’s prosperity makes us an attractive target. Our widespread internet connectivity, per-capita wealth and investment structures – such as movable superannuation accounts and widespread share ownership – are all powerful incentives for cybercriminals.

In 2021-22, cybercrimes directed at individuals, such as attacks on online banking and shopping, remained among the most common, while attacks on business email trended towards targeting high-value transactions such as property settlements. Queensland and Victoria report disproportionately higher rates of cybercrime relative to their populations. However, the highest average reported losses were by victims in the Northern Territory (more than $40,000 per cybercrime report where a financial loss occurred) and Western Australia (more than $29,000).

For companies, ransomware remains the most destructive cybercrime, with criminals evolving their business model, seeking to maximise their impact by targeting the reputations of Australian businesses. Billions of dollars was wiped from the sharemarket value of Medibank as hackers linked to an online Russian criminal forum threatened to expose the health records and other sensitive information of millions of Australians. A study from corporate advisory firm McGrathNicol has found most companies are paying cybercriminals a ransom and often within 24 hours to mitigate reputational damage from a breach, with the average payment totalling $1.28m.

The cyber threat is of particular concern for Australia due to the rising tensions in our region, with strategic competition across the Pacific. The ACSC report says cyber operations are likely to be used by states to challenge the sovereignty of others. Russia’s invasion of Ukraine has shown how cyber operations can be used as a tool of war alongside a major ground offensive, with malicious cyber activity against Ukrainian networks before and during the conflict. Criminal syndicates and issue-motivated groups have conducted activities in support of Russian or Ukrainian interests, independent of Russian and Ukrainian government chains of command.

Recent cyber attacks that have been made publicly known prove the warnings issued by the ACSC report must be taken seriously, but the report is already out of date. The big lesson is that nobody is safe from the predatory activities of criminal groups around the world. Individuals must take precautions to keep their online activities safe. Governments have a role to play with regulation to ensure that companies are protecting the private information they collect.

Most worrying is the way in which foreign governments are involved in cyber warfare to create mischief and weaken their enemies. The trend is clear that cybercrime is on the rise and everyone must do all they can to guard against it.