Queensland has experienced the highest rate of cyber-crime incidents of all Australian states and territories, says a cyber security expert.
Professor Matthew Warren, Director of the RMIT Centre for Cyber Security Research and Innovation (CCSRI), has flagged the state’s growing crime issue as the Federal Government released its Australian Signals Directorate (ASD) Cyber Threat Report this week.
He said Australia’s more populous states continued to report more cyber crime.
“Queensland and Victoria report disproportionately higher rates of cyber crime relative to their populations,” Professor Warren told Proctor.
“However, the highest average reported losses were by victims in New South Wales (around $32,000 per cyber-crime report where a financial loss occurred) and the Australian Capital Territory (around $29,000).”
The actual breakdown of cyber-crime incidents by state is as follows:
- Queensland 30%
- Victoria 26%
- NSW 21%
- Western Australia 11%
- South Australia 6%
- ACT 2%
- Tasmania 2%
- Northern Territory 1%
Professor Warren said the top cyber attacks for businesses were email compromise, business email compromise and online banking fraud.
“A lot of email frauds are linked to human mistakes and are not very technical, such as phishing attacks – people could be sent an invoice and asked to pay,” he said.
“As many legal firms are small firms, the report highlighted that the average costs of cyber-crime incidents had gone up by 14 per cent. For a small business this is now $46,000 per incident on average.
“The report identified 94,000 cyber-crime reports were reported in 2023-2024 up by 23 per cent.”
He said this was an average of a report every six minutes; the previous year a crime was reported every seven minutes.
“The current situation is the new cyber normal that Australia faces,” Professor Warren said.
“The government has taken steps to resolve the situation including a new national cyber security co-ordinator, new cyber security regulations, and next week the release of the national cyber security strategy.”
The government also responded to 143 cyber incidents focused on Australia’s cyber security critical infrastructure.
“Cyber crimes are becoming increasingly sophisticated operations, and these attacks will continue to rise in the micro and macro levels until we introduce preventative measures that can keep up with their development,” Professor Warren said.
“The report states key cyber issues identified are ongoing poor patch management and poorly connected IT and operation technology networks.
“Hopefully, the Federal Government’s Cyber Security Strategy, which is set to be handed down next week, will strengthen Australia’s cyber security strategies and regulations to minimise the risks and disruptions caused by increasing cyber attacks.”