Every 6 Minutes: Cyber Attacks in Australia Increase by 23% in 2024.

Australia has experienced a 23 percent increase in cybercrime cases in 2024, with new cases rising by 94,000 in the past year. The Australian Signals Directorate (ASD) also reported a 10 percent decrease in proactive industry reporting on cybercrime issues from June to August 2023 compared to the previous year.

The Department of Home Affairs states that a cyberattack occurs every six minutes in Australia, often leading companies to pay ransoms to regain access to critical data.

This data was presented during a parliamentary inquiry into the Cyber Security Legislative Package 2024, consisting of three bills.

The proposed legislation aims to implement seven initiatives under the 2023-2030 Cyber Security Strategy that seeks to align Australia with global standards and position the country as a cyber security leader.

Stephanie Crowe, Head of the Australian Cyber Security Centre at ASD, highlighted alarming types of cyber incidents, including ransomware attacks and data extortion attempts.

Delays Threaten Cyber Defence

Hamish Hansford, Head of the Australian Cyber and Infrastructure Security Centre at the Department of Home Affairs, emphasized the need to bring ransom payments to light to prevent further escalation of cybercrime.

“The payments are going to fund criminals who just get much more sophisticated through the funds that are provided to them,” he explained.

ASD officials noted that delays in incident reporting and limited industry participation impede effective threat mitigation. Timely information sharing is crucial in countering cyber threats.

Crowe emphasized the importance of early threat reporting, stating, “when industry and small businesses are able to inform us of early signs of an incident, we may prevent those incidents from occurring to others, which is a critical aspect of our national defense against ransomware and cybercrime incidents that are reported to us.”

She referenced a 2022 case where regulatory concerns led a company to delay reporting an active cyber incident by 11 days.

“Eleven days is a very long time in cyber defense,” she said, highlighting that prompt responses protect both the affected business and potential future targets.

Witnesses expressed frustration over delays in inter-agency information sharing, stressing the need for faster response protocols.

Crowe mentioned that one of the key roles of ASD as a national cyber security organization is to provide early warning and prevention of incidents before they occur.

$3 Million Ransomware Reporting Threshold

Department of Home Affairs officials outlined efforts to enhance transparency around ransomware payments by suggesting a $3 million threshold for mandatory reporting.

During consultations since February 2023, stakeholders have presented varying views, with some supporting a zero threshold to align with the Privacy Act.

While discouraging ransom payments, Hansford stated that transparency in reporting could help companies avoid future incidents. Australia’s requirements are less strict than those of countries like India and Singapore, with a “targeted and measured” framework.

To support small businesses, the ASD backs the $3 million turnover threshold to balance transparency with compliance capabilities.

ASD officials acknowledged the compliance challenges faced by small businesses and noted the importance of easing these burdens.

Enhancing Industry Collaboration

ASD has gathered feedback through roundtables and town halls since last year to shape its cyber security policies.

Dale Furse, the chief operating officer of ASD, mentioned that a centralized portal website at cyber.gov.au is in development to streamline reporting.

This portal will allow businesses to report incidents, vulnerabilities, and cybercrimes in a centralized location.

ASD has committed to making the portal accessible to small- and medium-sized enterprises (SMEs), with support from the Council of Small Business Organizations Australia and the 1300 CYBER1 hotline for direct assistance.

ASD believes that this portal will alleviate compliance burdens while ensuring the prompt collection of threat data.

Cybersecurity Education and Overcoming Trust Deficits

To address the increasing cyber threats, ASD is enhancing educational outreach through the Cyber Security Partnership Program.

Last year, this initiative hosted over 450 events aimed at promoting best practices across various sectors. Key areas of focus include advocating for secure-by-design standards and encouraging businesses to address vulnerabilities like default device passwords exploited by cybercriminals.

The cyber.gov.au portal complements these efforts by providing tailored guidance to different industries.

ASD stressed the significance of building trust within the business community to effectively combat the rising cyber threats.

Crowe mentioned that the limited-use provision allows ASD to promptly respond to cyber incidents without businesses fearing regulatory consequences.

Moreover, the provision under the Intelligence Services Act ensures that data reported to ASD is solely used for immediate cybersecurity purposes.

This framework is crucial in encouraging smaller organizations to report incidents and engage in cybersecurity initiatives.

However, there persists a trust deficit primarily due to regulatory concerns that hinder open information sharing.

While technical staff are often willing to collaborate, internal policies can limit their involvement.

ASD is committed to transparency and secure data handling to foster a more cooperative environment essential for mitigating the growing cyber risks faced by Australia.