The financial impact of cybercrime is set to reach unprecedented levels in 2025, with global costs expected to soar to $10.5 trillion annually. The rapid evolution of cyber threats presents grave challenges for individuals, businesses, and governments worldwide.
As digital reliance grows, so too does the sophistication of cyberattacks, with phishing, malware, ransomware, and other cybercriminal activities causing substantial financial and operational damage.
Escalating Cyber Threats in 2025
According to an Australian tech news publication cybercriminals are increasingly employing advanced tactics, making detection and mitigation more difficult than ever.
The rise of Artificial Intelligence (AI) in both defense and attack strategies is reshaping the landscape, with AI-powered phishing campaigns and other automated attacks growing in volume and complexity.
Key cyber threats expected to dominate in 2025 include:
- Phishing Attacks
Phishing remains one of the most common and damaging cyberattack techniques. This social engineering tactic uses deceptive emails and websites to steal sensitive information like usernames, passwords, and financial details. Spear phishing, a more targeted form, has become more prevalent, with 62% of phishing attacks utilizing this method. - Malware
Malicious software, such as viruses, worms, spyware, and ransomware, remains a persistent threat. Malware can disrupt systems, steal sensitive data, and allow unauthorized access. Ransomware, in particular, has gained significant traction, with high-profile attacks causing billions in damages annually. - Ransomware
Ransomware attacks continue to wreak havoc globally, with an average cost of $4.54 million per attack. In 2023, 72.7% of organizations worldwide were targeted. Despite the growing costs, almost half of the companies affected now have policies in place to pay ransoms, although only 8% recover all their data. - Denial-of-Service (DoS) Attacks
These attacks flood systems with traffic to render services unavailable. Distributed Denial-of-Service (DDoS) attacks, which use multiple compromised devices, are particularly hard to defend against. - SQL Injection
A method where attackers exploit vulnerabilities in web applications to manipulate databases and steal, modify, or delete data. SQL injection remains a major concern for organizations with poorly sanitized user inputs. - Zero-Day Exploits
Exploits that target vulnerabilities unknown to software vendors are among the most dangerous. These “zero-day” vulnerabilities are highly sought after in the black market, allowing cybercriminals to carry out complex attacks. - Advanced Persistent Threats (APTs)
These long-term, targeted attacks often aim to steal valuable data rather than cause immediate damage. APTs are especially common in industries like government and finance. - Cryptojacking
This involves using someone else’s computer resources to mine cryptocurrencies without permission. The increased energy usage and reduced system performance are significant consequences of this attack. - IoT Attacks
The Internet of Things (IoT) offers many conveniences but also introduces vulnerabilities. IoT devices often have weak security, making them prime targets for cybercriminals who can use them to launch larger-scale attacks.
Financial Impact: Soaring Costs of Data Breaches
The economic consequences of cybercrime are staggering. In 2023, the global average cost of a data breach reached $4.45 million, marking a 15% increase over the last three years.
U.S. businesses were the hardest hit, with the average breach cost rising to $5.09 million. Remote work has only exacerbated these challenges, adding an average of $173,074 to breach costs as new vulnerabilities in hybrid environments become more prevalent.
Industry-Specific Vulnerabilities
Certain industries face unique challenges:
- Healthcare: The healthcare sector experienced a 239% increase in hacking-related breaches over the past four years, with an average cost of $11 million per breach.
- Manufacturing: This sector is the top target for cyber extortion campaigns, accounting for 20% of all such incidents.
- Financial Services: Financial institutions remain vulnerable, with an average of 449,855 sensitive files exposed per breach and an average 233-day delay in detecting breaches.
- Education: Educational institutions have suffered over $53 billion in downtime costs due to ransomware attacks between 2018 and mid-2023.
The Role of AI in Cyber Threats
While AI has proven invaluable in strengthening cybersecurity defenses, it has also empowered cybercriminals.
In fact, 85% of cybersecurity professionals attribute the rise in cyberattacks to generative AI, which allows attackers to craft highly sophisticated and undetectable phishing emails, automate attack campaigns, and increase the overall velocity of attacks.
Geopolitical Factors Influence Cybersecurity
The ongoing Russia-Ukraine conflict has heightened cyber threats globally, with 97% of organizations reporting increased threats since the war began.
In response, over half of organizations updated their business continuity and risk plans to adapt to the changing landscape. Additionally, geopolitical tensions continue to fuel hacktivism, as politically motivated cyberattacks are on the rise.
Cybercrime Costs Surge in Australia, Impacting Businesses and Individuals
Australia is facing a sharp rise in the financial burden of cybercrime, with both businesses and individuals experiencing significant losses. As the digital landscape becomes more vulnerable to malicious actors, the costs of cybercrime are escalating, with businesses bearing the brunt of data breaches and fraud.
Financial Impact on Businesses
Cybercrime is taking a heavy toll on businesses across Australia. In 2024, small businesses reported an average cost of $49,600 per cybercrime incident, marking an 8% increase compared to the previous year. Medium and large businesses also faced substantial costs, though with some fluctuations.
- Small businesses: The average cost of cybercrime per report is $49,600, up 8% from 2023.
- Medium businesses: These businesses reported an average cost of $62,800, which represents a 35% decrease from the previous year.
- Large businesses: The cost for large businesses averaged $63,600, down 11% from 2023.
Despite some reductions in cost for medium and large businesses, the rising number of incidents continues to place pressure on organizations across all sectors.
Data Breaches: A Growing Concern
Data breaches continue to be one of the most significant threats to Australian businesses. The average cost of a data breach in the country now stands at AUD $4.26 million, reflecting a sharp 27% increase since 2020. These breaches are not only financially damaging but can also have long-lasting reputational impacts for the affected businesses.
Common Types of Cybercrime in Australia
The nature of cybercrime in Australia varies, with specific types posing more prevalent threats:
- Email compromise: This type of attack accounted for 20% of reported incidents, often involving deceptive tactics like phishing.
- Online banking fraud: At 13%, online banking fraud continues to be a popular target for cybercriminals.
- Business email compromise fraud: Also representing 13% of cybercrime reports, this tactic targets businesses by exploiting legitimate email communication.
Financial Impact on Individuals
For individuals, the cost of cybercrime incidents has also been on the rise, with the average loss per report increasing by 17% to $30,700 in 2024. This surge in individual cybercrime costs is a stark reminder of how personal finances and sensitive information are at constant risk.
Top three cybercrime types affecting individuals include:
- Identity fraud: Making up 26% of all individual cybercrime incidents, identity theft continues to be the most common and costly threat.
- Online shopping fraud: At 15%, online shopping scams are prevalent, often leading to financial losses and stolen personal information.
- Online banking fraud: This fraud, at 12%, also remains a major concern, with criminals targeting individuals’ banking accounts for quick financial gains.
Australia’s Cyber Threat Landscape: Growing Challenges and Strategic Responses
Australia is grappling with an increasingly complex strategic environment, a challenge that extends to the nation’s cybersecurity.
With the rapid advancement of critical and emerging technologies, Australia faces a dual-edged sword: these innovations bring significant social and economic benefits but also enhance the capabilities of malicious cyber actors.
Rising Cybersecurity Incidents
The Australian Signals Directorate (ASD) has been under significant pressure, responding to a surge in cyber activity. In the 2023-2024 financial year, ASD received over 36,700 calls to its Australian Cyber Security Hotline, marking a 12% increase from the previous year.
Additionally, ASD responded to over 1,100 cyber incidents, underscoring the persistent threats facing Australian networks and critical infrastructure.
The Ongoing Threat from State-Sponsored Cyber Actors
State-sponsored cyber actors remain a critical concern, with advanced, evolving techniques being used to target Australian government agencies, critical infrastructure, and businesses.
These actors conduct operations with state-driven goals, including espionage, influencing political outcomes, and positioning themselves for potential disruptive cyberattacks.
In February 2024, ASD, alongside international partners including the US, released an advisory highlighting the growing threat from the People’s Republic of China (PRC).
The advisory revealed that China is increasingly leveraging “living off the land” techniques, abusing native tools and processes to exploit system vulnerabilities. This strategy indicates a shift away from traditional cyber espionage toward pre-positioning for disruptive attacks.
Meanwhile, Russia has adapted its tactics, particularly in the exploitation of cloud platforms, further emphasizing the need for robust cybersecurity measures to stay ahead of these evolving threats.
The sophistication of these cyber actors necessitates increased investment in cybersecurity skills and resources by network defenders.
Critical Infrastructure Under Threat
Critical infrastructure continues to be a prime target for cyber adversaries. The sensitive data held by these systems and the potential for widespread disruption in case of a breach make them attractive targets.
In FY2023-24, 11% of cybersecurity incidents handled by ASD were linked to critical infrastructure, with potential consequences that could affect essential services, the economy, and daily life in Australia.
Cybercrime: A Persistent and Evolving Threat
Cybercrime remains a pervasive and disruptive force. Cybercriminals are increasingly leveraging tools like artificial intelligence (AI), which reduces the sophistication required for successful attacks.
In FY2023-24, business email compromise and fraud were among the top self-reported cybercrimes affecting Australian businesses and individuals. Additionally, ransomware and data theft extortion continued to wreak havoc, causing substantial financial damage across various sectors.
In response to these growing cybercriminal activities, the Australian government has taken significant steps, including the use of its autonomous cyber sanctions framework.
For the first time in FY2023-24, Australia sanctioned two Russian citizens involved in cybercrime activities. This measure aims to deter cybercriminals and protect Australians from the escalating threat landscape.
Collaborative Efforts to Enhance Cyber Resilience
Strong partnerships remain a cornerstone of Australia’s cybersecurity strategy. ASD continues to work closely with government agencies, industry partners, and international allies to bolster the nation’s cyber defenses.
Initiatives like the ASD-Microsoft collaboration, which integrates ASD’s Cyber Threat Intelligence Sharing platform with Microsoft’s Sentinel platform, have significantly enhanced the speed and scale of information sharing. These efforts enable a more coordinated and rapid response to emerging threats.
During FY2023-24, ASD notified more than 930 entities about potential malicious activity on their networks, further emphasizing the importance of collaboration between government and industry in protecting Australia’s cyber landscape.
Future Cybersecurity Challenges and Recommendations
As cyber threats become more sophisticated, organizations must adopt a proactive approach to cybersecurity. The key to resilience lies in regularly updating and applying ICT best practices, such as following the Essential Eight—ASD’s cybersecurity recommendations.
Additionally, replacing unsupported ICT systems with secure-by-design products and considering cybersecurity during the implementation of new technologies will be crucial in safeguarding against future threats.
Cybersecurity is not a set-and-forget task; it requires continuous adaptation and vigilance. With the right partnerships, investments in cybersecurity, and a forward-thinking approach, Australia can better defend against the growing threat of cyberattacks and ensure the protection of its critical assets.
Cybercrime Trends in Australia: Insights from 2023-24
Australia has experienced a continued surge in cybercrime activity throughout 2023-24, with a range of individuals and businesses reporting significant financial and operational impacts. The landscape of cybercrime continues to evolve, with identity fraud, email compromise, and online banking fraud emerging as the top threats.
Top Cybercrime Types: Individuals vs. Businesses
For individuals, identity fraud remains the leading cybercrime, accounting for 26% of all reported cases. Online shopping fraud follows closely with 15%, while online banking fraud makes up 12% of the reports.
These types of cybercrime can result in considerable financial losses, with fraudsters taking advantage of personal data and digital transaction vulnerabilities.
For businesses, the landscape differs slightly, with email compromise topping the list at 20% of reported incidents. Business email compromise (BEC) fraud is the second most common business cybercrime at 13%.
The key difference between general email compromise and BEC fraud is that the latter involves direct financial losses. BEC attacks often use phishing or social engineering tactics to manipulate employees into making unauthorized transfers or disclosing sensitive information.
Cybercrime Impact on Businesses
The impact of cybercrime on Australian businesses remains significant, especially for small businesses. Small businesses reported an average loss of $49,615 in 2023-24, an 8% increase from the previous year. Medium-sized businesses saw a decrease in reported losses, down by 35% to $62,870, while large businesses reported an average loss of $63,602, a 11% decrease compared to the previous year.
The majority of cybercrime reports came from small businesses, which continue to be disproportionately affected. According to the Australian Bureau of Statistics, 91.9% of businesses in Australia had a turnover of less than $2 million in 2022-23, highlighting the vulnerability of smaller operations to cyber threats.
Cybercrime Reports by Industry and Region
Certain industries report higher rates of cybercrime. The retail trade accounts for 15% of all reported cybercrimes, followed by professional, scientific, and technical services at 13%.
The construction sector is also heavily impacted, with 12% of reports coming from this industry. Financial and insurance services contribute 8% of reports, while other services represent 7% of all reported incidents.
Geographically, Australia’s more populous states, namely Queensland and Victoria, report disproportionately higher rates of cybercrime relative to their populations.
In terms of financial losses, victims in New South Wales have the highest average losses, at around $86,000 per reported cybercrime incident. Victoria follows closely with an average loss of around $66,000 per report.
Decrease in Overall Reports
While the number of cybercrime reports decreased in 2023-24 compared to the previous year, this decline is attributed to an influx of reports in the prior financial year due to high-profile incidents.
Despite the drop in overall report volume, the financial impact of cybercrime continues to be a substantial concern for businesses and individuals across the country.
Exploitation of SOHO Routers: A Significant Cybersecurity Risk for Individuals and Small Businesses
Small-office/home-office (SOHO) routers are the key devices that connect Australian households and small businesses to the internet. These routers often come as default equipment provided by internet service providers (ISPs) when customers sign up for new internet services.
In fact, approximately 8.3 million Australian residential internet connections depend on SOHO routers, many of which may be vulnerable to exploitation by cybercriminals.
SOHO routers represent an attractive target for malicious actors due to their widespread use and potential vulnerabilities. Information about these devices, such as their IP addresses and firmware versions, can be easily found using publicly available search engines. This makes them a prime target, as attackers can gain access to valuable data with relatively low effort.
The exploitation of SOHO routers presents a serious cybersecurity threat. Once compromised, a router can serve as an entry point for attackers, allowing them to infiltrate a victim’s network and potentially steal sensitive data.
In addition, these routers can be integrated into botnets—collections of infected devices that are controlled remotely by cybercriminals. Without the knowledge of their owners, these devices can be used to launch large-scale cyberattacks, utilizing the device’s hardware and processing power to carry out malicious activities.
To reduce the risks associated with SOHO router exploitation, it’s essential to take proactive steps to secure these devices:
- Keep Your Router Updated: Enable automatic updates where possible to ensure your router has the latest security patches.
- Change Default Wi-Fi Network Settings: Modify the default Wi-Fi network name (SSID) and password used to access your router’s settings to make it more difficult for unauthorized users to gain access.
- Change Default Router Credentials: Update the default username and password for your router’s admin interface to enhance security.
ICT Supply Chains: The Hidden Cybersecurity Vulnerability
An organization’s cybersecurity strength is only as robust as its weakest link, and for many businesses, that weak link lies within their ICT supply chains.
Most organizations rely on third-party providers for various ICT services, such as hardware supply, data and web hosting, Software as a Service (SaaS), and enterprise resource planning (ERP) tools.
As such, organizations must evaluate and continuously monitor the cybersecurity measures of their suppliers and service providers to minimize exposure to threats.
Granting suppliers privileged access to internal systems creates a potential vulnerability, especially if that supplier’s security is compromised.
A breach at a supplier can have a domino effect, compromising the systems and data of all their customers. Cybercriminals often exploit this by targeting suppliers to launch attacks on multiple organizations at once, making it more challenging to detect and mitigate the threat.
What a Supply Chain Attack Looks Like
- Exploitation of Vulnerabilities: A malicious actor identifies and exploits a vulnerability in a public-facing application used by a software provider.
- Compromising the Software Provider: The cybercriminal successfully breaches the software provider, gaining access to their systems.
- Infected Managed Service Provider (MSP): Employees at the MSP unknowingly download software containing malware, which is then distributed to their clients.
- Impact on Client Systems: As a result, multiple organizations that are clients of the MSP—who often have privileged access to sensitive data—become vulnerable. These clients suffer the consequences of a breach they didn’t directly cause, further complicating detection and mitigation efforts.
Supply chain attacks like this can be devastating, as they allow attackers to hide behind trusted relationships and gain access to sensitive information across multiple organizations.
This highlights the critical need for businesses to assess the security of their supply chain partners and implement strong security protocols to minimize risk.
The Growing Threat Landscape
As the costs associated with cybercrime continue to climb, both businesses and individuals in Australia must be increasingly vigilant about cybersecurity.
From protecting sensitive data to educating employees and consumers about phishing and fraud risks, effective cybersecurity strategies are critical to minimizing financial losses and safeguarding against the rising tide of digital threats.
Predictions for 2024 and Beyond
Looking ahead, cyber threats in 2024 are expected to become more automated and more difficult to detect, particularly as AI tools continue to evolve.
Infostealers, automated phishing, and malware loaders are anticipated to drive many attacks, with ransomware groups like “LockBit” remaining prominent.
The ongoing geopolitical instability will further shape the nature of cyber threats, with hacktivist groups and state-backed cyber operations continuing to pose serious risks.
As businesses and individuals brace for an increasingly perilous digital environment, robust cybersecurity measures will be more critical than ever to protect against the expanding range of threats in 2025.
