Uncovering Australia's Hidden Data Theft Epidemic: Costs and Prevention Strategies Revealed

Share and Follow

The agency responsible for detecting and disrupting malicious cyber threats wants certain password habits to be “over”, as the amount of money lost to cybercrimes continues to rise.

According to the Australian Signals Directorate (ASD), relying on a username and password system only, without additional steps for verification, can leave Australians’ data vulnerable to hacking.

Last year, individual victims of cybercrimes across Australia lost an average of $33,000, an 8 per cent increase.

On Tuesday, the ASD released its annual cyber threat report, revealing businesses suffered even higher losses, doubling to roughly $202,000 per crime.

ASD director-general Abigail Bradshaw told SBS News it’s time to move past passwords.

“I hope it [using passwords] is over. What we need is more technologies that enable multi-factor authentication, so that you are never solely reliant on a username and a password,” she said.

An infographic detailing how cyber incidents have risen to 1,200 in the last year, along with an increase in cybercrime reports, 84,700.

The Australian Signals Directorate (ASD) has reported handling over 1,200 cybersecurity incidents, marking an 11% rise from the previous year, 2023-24.

“We need anything, all accounts, must have multi-factor authentication. You need to roll your creds, that’s the language we use, change your passwords increasingly regularly. Don’t use it across multiple devices,” Bradshaw said.

She said Australia is increasingly targeted by both cybercriminals and state-sponsored cyber actors.

Although she notes that the way they are gaining access to organisations, critical infrastructure, and businesses is changing.

“Networks are increasingly not being hacked, but are being breached through compromised or stolen credentials to gain unauthorised access,” she said.

In almost half of the incidents impacting large organisations, access was gained using real usernames and passwords, often stolen or bought by cybercriminals on the dark web.

Given that the access is genuine, instead of a hack, it is harder to track.

“Once access is gained, they mimic legitimate user behaviour to steal sensitive personal or corporate information, install ransomware or malware and take over accounts,” she said.

A man in a suit stands in front of an Australian flag and a dark blue curtain, speaking.

“Once cybercriminals gain access, they often imitate legitimate user behavior to extract sensitive personal or corporate information, install ransomware or malware, and take control of accounts,” she warned.

Cybersecurity Minister Tony Burke acknowledged work by the signals directorate “protects Australians every day”, but also said there are steps users can take to keep themselves safe online.

“Most cyber incidents are preventable, and basic defensive measures make a huge difference,” he said.

How to keep yourself safe from cybercrime

Passwords and usernames remain the biggest vulnerability for safety, with home office routers often also targeted by cybercriminals and used to conceal their activities.

The ASD advised that the basics are still the best form of defence from cybercrime, encouraging multi-factor authentication, which requires at least two forms of identity verification.

Stephanie Crowe, head of ASD’s Australian Cyber Security Centre, said 42 per cent of the incidents reported through ASD in the last financial year involved an element of stolen credentials.

“What that enables them [cyber criminals] to do is use a username and password to get onto an individual’s device, or, if they’re lucky enough, they’ve also been able to take usernames and passwords for people’s corporate accounts,” he told SBS News.

An infographic detailing the annual average cost of cybercrime attacks on individuals, $33,000, and small businesses, $56,000.

The average self-reported cost of cybercrime per report for small businesses rose by 14 per cent to $56,600, while the cost to individuals rose 8 per cent to $33,000. Source: SBS News

When using passwords, the phrases need to remain unique, while reputable password managers can ensure passwords are not reused.

Other tips include regularly updating software on devices, backing up important data and staying alert to phishing messages and scams.

Last year, the ASD responded to 1,200 incidents and blocked access to 334 million malicious domains.

Businesses issued warning ahead of 2030

The ASD warns the environment will grow increasingly challenging for businesses, with the development of post-quantum cryptography, anticipated by 2030.

Whenever communication is exchanged between users, whether via websites or emails, encryption is applied to the messaging in transit to protect the data.

The technology anticipated will be able to unscramble this messaging quickly, making businesses more susceptible to data decryption or hacking.

ASD urged businesses to invest and prepare for this technology, as the cost of a hack could ultimately be greater.

It also includes three other changes: implementing effective logging, replacing legacy IT and effectively managing third-party risk.

Critical infrastructure emerged as the key concern in 2024-25, with malicious activity impacting networks over 190 times, a rise of 111 per cent.

“This highlights the ongoing need for vigilance and action to mitigate against persistent threats,” Bradshaw said.

The agency collects and analyses data from communications systems, radio frequencies and electronic transmissions.

It answered over 42,500 calls to the Australian Cyber Security Hotline last year.

Share and Follow

Facebook X Reddit Pinterest

Uncovering Australia’s Hidden Data Theft Epidemic: Costs and Prevention Strategies Revealed

Up next

Middle East Leaders Applaud Trump’s Landmark Peace Agreement

Author

NewsFinale Journal

Share and Follow

How to keep yourself safe from cybercrime

Businesses issued warning ahead of 2030

Share and Follow

Shocking Inquest Reveals Father’s Controversial Accusation: ‘Little Bastard Done It

Highlights from Trump’s Address on the Middle East’s ‘Historic Dawn’ in Israel

Gloucester's All Blacks star NEPO LAULALA on why he's desperate to pay back his new club after thinking he'd never play again, acing their 'impossible' milk challenge… and what he can teach Afolabi Fasogbon

Alarm Raised Over Leaked Phone Numbers of Prime Minister and Opposition Leader

Aussies admit to disgusting habit after going to the bathroom

Breaking: Police Disclose Startling Update in Dezi Freeman Case as Search Hits Critical Milestone

Marles and Wong Hail Trump’s Gaza Peace Plan as a Significant Success

Tragic Incident: Man Allegedly Confesses to Ex-Partner’s Death in Disturbing Triple-Zero Call

Keanu Reeves Sets the Record Straight on Marriage Speculations, Shares Red Carpet Moment with Alexandra Grant

Federal Judge Sanctions Lawyer Over AI-Generated Court Filings: A Cautionary Tale in Legal Tech

Breaking News: Gaza Ceasefire Heralds New Era in Peace Talks

Tragic Accident Claims Life of 80-Year-Old Woman in Flagler County

Uncovering Australia’s Hidden Data Theft Epidemic: Costs and Prevention Strategies Revealed

Up next

Author

NewsFinale Journal

Share and Follow

How to keep yourself safe from cybercrime

Businesses issued warning ahead of 2030

Share and Follow

You May Also Like