A surge in the scale and severity of malicious cyber activity — including­ the “hack and release’’ of sensitive information intended to embarrass targets, influence public opinion and interfere in democratic processes — will be revealed in a consultation paper to be released today by Home Affairs­ Minister Peter Dutton.

Self-driving cars in the future are also expected to be vulnerable to cyber attacks, with experts warning they could be forced off the road by hackers.

The paper, to kickstart the replacement of Malcolm Turnbull’s strategy drafted only three years ago, says state actors are “growing more organised, confident, and sophisticated in using cyber espionage and interference to promote their national interests”.

“Australia’s critical systems, including in the energy, tele­communications and transport sectors, are becoming increasingly digitised,” the paper warns.

“International cyber incidents have disrupted power grids, degraded­ public health and transport systems, and damaged physical infrastructure. These new threats, if realised … could threaten physical safety, economic secur­ity and the continuity of government and its services.”

Criminal hackers also have access­ to cheap and widely available tools, helping them to steal personal information that can be used to commit financial fraud and other serious crimes, the paper says.

Mr Dutton will call for a new era of co-operation between ­gov­ernments and businesses to tackle emerging cyber risks, warning that the “threat environment” has changed significantly since the 2016 strategy.

“As quickly as we advance, threats evolve and those who wish to do us harm adapt and change,” the Home Affairs Minister will say. “Strong collaboration and partnerships are vital to ensure this strategy is well positioned to tackle the cyber security challenges we face as a nation.”

The paper warns that cyber security­ has never been more important to the nation’s economic prosperity and national security, amid an explosion in the number of physical systems that are now connected to the internet.

According to the paper, cyber security incidents cost businesses up to $29bn a year, while cyber crime affected one in three Aust­ralians last year with an estimated $2.3bn stolen.

The national cyber security upgrade­ follows an August 2017 cyber attack on a Saudi Arabian petrochemical plant designed to sabotage the firm’s operations and cause an explosion by tampering with the emergency shutdown.

A study found the attack, which failed but still shocked­ international experts, was co-ordinate­d from inside a state-owned Russian scientific institute but could also have involved Iran.

An earlier attack on a German steel mill, in 2014, also rang alarm bells, causing serious damage to the plant. The hackers penetrated the plant’s control systems via a malicious “spear phishing” email.

Cyber attacks can cost firms hundreds of millions of dollars. A ransomware attack last year on Danish shipping company Maersk, which ships one in seven containers worldwide, resulted in lost revenue of $200m-$300m.

Outgoing ASIO director-­general Duncan Lewis warned on Wednesday that Australia was “a rich target for state-sponsored cyber attack” aimed at spreading false information, interfering with political processes or taking and destroying information.

The consultation paper warns the hacking of an essential service such as electricity, water or transport “has the potential to cripple the economy, cause social unrest and, ultimately, damage our welfare­ and way of life”.

“There are also many who seek to undermine our strong and endurin­g institutions,’’ he will say. “Recent incidents such as compromises of the Australian parliamentary networks, universities and key corporate entities illustrate that the threat continues to be significant.”

China and Russia are considered Australia’s top cyber adversaries, while Iran and North Korea pose a threat.

China was the prime suspect in a security breach earlier this year in which hackers stole years of student records from the Australian Nation­al University, including those of government and intellig­ence community personnel.

A “sophisticated state actor”, believed to be China, was also behind the attack in February­ on parliament’s IT system.

The Australian Strategic Policy Institute’s International Cyber Policy Centre said the world was on the cusp of a new and frightening era of cyber vulner­ability, with hackers set to harness machine learning and artificia­l intelligence to penetrate critical systems.

“So far no one has died from a cyber attack, but we are on the cusp of that changing,” centre ­director Fergus Hanson said.

“Now we are getting more and more physical systems connected to the internet, it’s inevitable.”

There should be mandatory reporting of data breaches and penalties for inappropriately handling people’s data, he said.

More related stories

World

‘Do not let this history repeat itself’

Auschwitz horrors revisited on the 80th anniversary of the liberation of the evil death camp have significant relevance today to Australians, says Alex Ryvchin.

Read more

Commentary

Gloomsters, listen up – the people are speaking out

Australians are proud of their country, proud of how it has evolved into one of the world’s most prosperous, fair and free societies. That’s something mighty to celebrate.

Read more