Australians are facing an escalating cybersecurity threat as stolen usernames and passwords are increasingly used by cybercriminals to infiltrate workplaces. According to a recent report, two in five critical security incidents affecting large companies, governments, and academic institutions now stem from compromised accounts or credentials.
The Australian Signals Directorate (ASD), a key government intelligence agency, highlighted these concerns in its latest annual threat report. The agency noted that cybercriminals are leveraging Australians’ vulnerable home internet connections and smart devices to create expansive networks that obscure their identities during global cyberattacks.
Rising Cyber Threats and AI’s Role
The report underscores the role of artificial intelligence in enabling cyber actors to execute attacks on a larger and faster scale. “The prevalence of artificial intelligence almost certainly enables malicious cyber actors to execute attacks on a larger scale and at a faster rate,” the report states. This development aligns with Australia’s increasing reliance on internet-connected technology, which opens new opportunities for cybercriminals.
ASD Director-General Abigail Bradshaw revealed that the agency responded to 1,200 cybersecurity incidents in the latest financial year, marking an 11 percent increase. Critical infrastructure entities were notified about potential malicious activity 190 times, more than double the previous year.
Compromised Credentials: A Growing Concern
Bradshaw emphasized that networks are increasingly breached through compromised or stolen credentials. “Compromised accounts or credentials accounted for 42 percent of incidents impacting large organizations, government, academia, or supply chains,” she said. Cybercriminals are targeting Australia to steal credentials, which they then use to mimic legitimate user behavior, steal sensitive information, and install ransomware or malware.
“Once access is gained, they mimic legitimate user behavior to steal sensitive personal or corporate information, install ransomware or malware, and take over accounts.” – Abigail Bradshaw
The ASD report highlights an aggressive campaign of credential theft, with cybercriminals purchasing stolen usernames and passwords from the dark web. This access allows them to infiltrate personal email, social media, or financial accounts, leading to financial losses, privacy breaches, and identity theft. Last year, the average person lost $33,000 due to cybercrime.
Corporate Vulnerabilities and Financial Impact
Stolen credentials are also being used to access corporate systems, with cybercriminals seeking to buy and use credentials associated with corporate accounts. Once inside, detecting a compromise becomes challenging, often resulting in ransomware, extortion, or theft of intellectual property.
Businesses affected by cybercrime lost $80,850 on average, while large businesses suffered $202,700 per incident, an increase of over 200 percent since last year.
The frequency of ransomware attacks, data breaches, and financial losses all surged last year. The ASD’s focus remains on top-tier financially motivated criminals, typically from Eastern European and Russian-speaking cyber gangs.
State-Sponsored Threats
State-sponsored hackers and spies continue to pose a significant and growing threat to Australia. These actors target networks operated by Australian governments, critical infrastructure, and businesses for state goals. “State-sponsored cyber actors may also seek to use cyber operations to degrade and disrupt Australia’s critical services,” the report warns.
One method employed by state-sponsored organizations, such as the China-linked group APT40, involves targeting home internet devices like routers and VPN products. These devices often have internet-facing vulnerabilities that are difficult to monitor or secure, making them attractive targets for building networks to launch further attacks.
Exploiting home devices helps cybercriminals blend malicious traffic with legitimate traffic, complicating detection and prevention efforts.
Looking Ahead: Strengthening Cyber Defenses
The ASD report highlights the urgent need for enhanced cybersecurity measures to protect against both independent and state-sponsored threats. As cybercriminals continue to evolve their tactics, the importance of robust cyber defenses and public awareness cannot be overstated.
Moving forward, collaboration between government agencies, businesses, and individuals will be crucial in mitigating the risks posed by cyber threats. By staying informed and proactive, Australia can better safeguard its digital landscape against the growing tide of cybercrime.
