At the end of every financial year, the Australian Cyber Security Centre (or ACSC) releases its annual cyber threat report, and it was no different this year… and that’s what we’re talking about today.
As a business owner, keeping things afloat is the #1 priority for many of us, resulting in technology and data security taking a back seat. However, hackers and cybercriminals haven’t gone away, so it would be a mistake to ignore them.
With numbers already on the increase in last years report due to the COVID-19 pandemic, it is no surprise that the ACSC reported another
“bumper” year in terms of cybercrime activity:
Let's take a closer look at the key findings...
The ACSC report is filled with data, so we’ve pulled out the cyber security incident statistics that matter the most.
Calls were made to the Cyber Security hotline
Cybercrime reports made (a 13% increase)
Industry estimates of the annual financial fallout of cybercrime in the Australian economy. Up from $29b in 2019/20.
- The ACSC responded to 182 reported cyber security incidents on small organisations or sole traders
- Medium-sized businesses and organisations reported 341 incidents during 2020-21 FY
- State governments, supply chain organisations, and large businesses reported 955 cyber security incidents
A breakdown of the industries is below:
Where It Happened
2020/21 saw a repeat of last years ranking for states affected by cybercrime incidents
- Queensland was the unlucky “winner” in terms of most cybercrime reports made, with 30% of the total.
- Despite NSW having a million more people, Victoria actually had the second highest number of reports with 29%
- Unsurprisingly, the Northern Territory, due to its population, reported the least number of crimes at 1%
Types Of Cybercrime
- 23% of the reports were fraud-related
- 17% were shopping related crimes
- 12% were online banking cybercrimes
During the 2020–21 financial year, the ACSC received nearly 500 ransomware cybercrime reports via ReportCyber, which is an increase of nearly 15 per cent compared with the previous 2019–20 financial year.
In the 2020–21 financial year, the ACSC also responded to nearly 160 cyber security incidents related to ransomware. The professional, scientific and technical services sector and the health sector reported the most ransomware-related cyber security incidents.
The top five reporting sectors for ransomware-related incidents accounted for approximately 50 per cent of all ransomware-related incidents reported to the ACSC during the 2020–21 financial year
You can read more on Ransomware in
Business Email Compromise (BEC)
Australian businesses are losing significant amounts of money through BEC. BEC cybercrime was one of the top cybercrime categories, making up nearly 7 per cent of the cybercrime reports received in the 2020–21 financial year.
While there has been a slight decrease in BEC reports compared with the previous financial year, self-reported financial losses have increased – total losses were approximately $81.45 million (AUD) for the 2020–21 financial year, an increase of nearly 15 per cent from the previous financial year
You can read more on BEC in
A Different Kind of “COVID Surge”
In April 2020, near the beginning of the COVID-19 pandemic, the ACSC released a threat update around coronavirus and the methods cybercriminals were using to exploit the situation (in particular, several phishing campaigns pretending to be from the Government had been detected).
FortiTech has also put together an number of resources to help Australian businesses combat cyber attacks, you can check out all of our previous blogs to start with, or head straight to our free 14 Ways To Protect Yourself From A Cyber Attack cheat sheet. Or if you would prefer to speak with one of the team about how we can customise a solution for your business, just get in touch.