Australia Losing $29 Billion a Year to Cyberattacks, Report Reveals

September 4, 2020 Updated: September 4, 2020

Australian families and businesses are urged to safeguard their cybersecurity as a new report reveals cyberattacks are ramping up against the country and costing $29 billion a year.

The report (pdf) from the Australian Cyber Security Centre (ACSC) found national security agencies received 59,806 reports of cybercrime over a 12-month period, almost one every 10 minutes.

ACSC has also responded to 2,266 major incidents, almost six per day.

Individual Australians meanwhile have lost $634 million (US $461 million) to scams in 2019 alone, while cybercrime is estimated to cost the broader economy up to $29 billion (US $21 billion).

In June, Prime Minister Scott Morrison warned that public and private organisations were coming under attack from a “sophisticated state-based cyber actor”.

Epoch Times Photo
Prime Minister Scott Morrison during Question Time in the House of Representatives at Parliament House on August 26, 2020, in Canberra, Australia. (Sam Mooy/Getty Images)

Morrison would not reveal which state was responsible. However, experts believe the most likely suspect to be the Chinese communist regime.

Defence Minister Linda Reynolds said the cybersecurity threat continued to climb over the past few months.

“That threat has not diminished since then. In fact, it has increased,” Senator Reynolds told reporters on Sept. 4.

The sophistication and quantity of attacks have increased, with the cybersecurity centre seeing a 300 percent jump in call volume since Morrison issued the public warning in June. Increased awareness of the threat may also be a driver behind the spike in calls.

Countries unfriendly to Australia are employing hackers or cybercriminals to spread disinformation and interfere in the economy, politics, and critical infrastructure like energy grids.

“This type of activity really does blur what we previously understood to be peace and war,” Reynolds said. “We now call it that grey zone in between.”

Epoch Times Photo
Australian Defense Minister Linda Reynolds at the IISS Shangri-la Dialogue in Singapore on June 2, 2019. (Feline Lim/Reuters)

Reynolds has been warning of increased grey zone activity in the Indo-Pacific region in recent months.

Matt Warren, professor of cybersecurity at the Royal Melbourne Institute of Technology told The Epoch Times on Sept. 4 that increasing cyberattacks from state-based actors was the “new normal.”

“These state-based threat actors have different motivations for their cyberattacks, for China, it is the acquisition of IP and cyber influence, for North Korea it is the acquisition of money for the government,” he said.

Cyber-criminal networks have a split focus targeting either highly classified information held by the government or concentrating their efforts on individuals to commit fraud and identify theft.

“At one end of the spectrum there are opportunistic cybercriminals who target Australians and Australian companies for financial gain,” Reynolds said.

cyber code
Hands are seen on a keyboard in front of a displayed cyber code in this picture illustration taken Oct. 4, 2018. (Dado Ruvic/Illustration/Reuters)

“At the other end of the same spectrum, there are sophisticated and very well-resourced state-based actors who are seeking to interfere in our nation,” she added.

The most targeted systems were those of the federal government with 436 incidents, while state-level governments followed with 367 incidents.

The health sector came in third with 164 incidents. For Warren, this was particularly concerning, “Imagine a Victorian hospital dealing with the COVID-19 outbreak and then being a victim of a ransomware attack.”

Defence Minister Reynolds said responsibility for cybersecurity needed to be shared by the public.

She outlined a series of measures to improve cybersecurity, including regularly changing passwords, updating computers or phones, avoid conducting important transactions on public Wi-Fi, and avoid clicking scam emails.

The report also found the most commonly employed tool by hackers was the “malicious email,” which can capture a person’s credentials once they click on a link or attachment, and in turn, use those credentials to gain access to their network.

For those who have experienced cybercrime report it to the Australian Cyber Security Centre at