The Australian Signals Directorate's latest Annual Cyber Threat Report reveals a cybercrime is reported every 6 minutes, with costs to businesses soaring. The report highlights the growing threat from state-sponsored actors and the impact of AI in enabling larger, faster attacks on the nation.
Harvard University has confirmed it was affected by a global cyber campaign exploiting a flaw in Oracle’s E-Business Suite. The attack, linked to the Cl0p ransomware group, targeted over 100 organisations worldwide, prompting urgent patching and investigation.
The Legal Practice Board of WA is notifying victims of a major data breach that took place in May after a ransomware attack by the Dire Wolf group compromised sensitive practitioner data.
The Australian Signals Directorate's latest Annual Cyber Threat Report reveals a cybercrime is reported every 6 minutes, with costs to businesses soaring. The report highlights the growing threat from state-sponsored actors and the impact of AI in enabling larger, faster attacks on the nation.
Cyber News Centre's cyber update for 16th October 2025: The Australian Signals Directorate (ASD) has released its Annual Cyber Threat Report for 2024-25, painting a sobering picture of a nation under persistent and escalating cyber-attack.
The report reveals that a cybercrime is reported every six minutes in Australia, with the financial toll on businesses and individuals continuing to climb. State-sponsored actors and cybercriminals are leveraging new technologies, including Artificial Intelligence (AI), to expand the scale and sophistication of their attacks.
The Update: The ASD's Australian Cyber Security Centre (ACSC) received over 84,700 cybercrime reports in the 2024-25 financial year. While the total number of reports saw a slight decrease, the average cost per report surged by 50% for businesses, reaching $80,850. Large businesses were hit hardest, with average losses skyrocketing by 219% to $202,700. The report also highlights a 16% increase in calls to the Cyber Security Hotline and an 11% rise in incident responses.
State-sponsored actors from China and Russia were identified as significant threats, targeting critical infrastructure, government networks, and businesses for espionage and disruption. The report explicitly notes that AI is "almost certainly" enabling malicious actors to launch attacks at a greater scale and speed. In response, the Australian Government has continued its investment in Project REDSPICE to bolster offensive and defensive capabilities and has imposed its first-ever sanctions against a cyber infrastructure entity, the Russian-based ZServers, for facilitating cybercrime.
"ASD’s Annual Cyber Threat Report sharply illustrates that the nation faces an increasingly challenging threat landscape where cyber-enabled espionage and crime are not a hypothetical risk, but a real and increasing danger to the essential services we all rely on," said Deputy Prime Minister and Minister for Defence, the Hon Richard Marles MP.
Why it Matters: The report confirms that the cyber threat to Australia is not only persistent but also growing in financial impact and sophistication. The statistic of a cybercrime report every six minutes underscores the pervasive nature of this threat to all Australians. The dramatic increase in the cost of cybercrime for businesses, particularly large enterprises, signals a direct and escalating threat to Australia's economic prosperity.
The specific mention of state-sponsored threats from China and Russia, and their focus on critical infrastructure, elevates the issue to one of national security, with the potential for disruption of essential services. The acknowledgement of AI as a threat multiplier indicates that the pace and scale of attacks will likely continue to increase, demanding a more urgent and adaptive response from both government and the private sector. The government's use of cyber sanctions represents a significant evolution in its strategy to deter and punish malicious cyber actors.
Listen to Stephanie Crowe, Head of the Australian Cyber Security Centre at the Australian Signals Directorate, as she explains key findings from the report. Source: Annual Cyber Threat Report 2024-25
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Harvard University has confirmed it was affected by a global cyber campaign exploiting a flaw in Oracle’s E-Business Suite. The attack, linked to the Cl0p ransomware group, targeted over 100 organisations worldwide, prompting urgent patching and investigation.
The Legal Practice Board of WA is notifying victims of a major data breach that took place in May after a ransomware attack by the Dire Wolf group compromised sensitive practitioner data.
Elite Washington D.C. law firm Williams & Connolly, has confirmed a nation-state-backed cyberattack. The breach leveraged a zero-day vulnerability to access attorney email accounts, part of a broader espionage campaign targeting the US legal sector.
A third-party data breach at Discord has exposed the government-issued IDs of 70,000 users, highlighting the significant security risks associated with supply chain vulnerabilities and age verification processes. The incident has sparked extortion demands and raised concerns for Australian users.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
