ASD Cyber Threat Report 2024

Keypoints

• The annual cybersecurity reports typically consist of sections such as executive summaries, year-in-review, threat actor analyses, critical infrastructure threats, cybercrime trends, hacktivism, resilience efforts, and government programs. Each section discusses key threats, recent activity, mitigation strategies, and national responses.
• Major statistics reveal over 36,700 calls to Australia’s Cyber Security Hotline, a 12% increase from the previous year, with more than 1,100 cybersecurity incidents responded to, indicating persistent threat activity.
• State-sponsored threats remain prominent, with actors like China and Russia adjusting their techniques for espionage, influence, and disruption, targeting government agencies, infrastructure, and supply chains.
• Cybercriminal activities such as business email compromise, ransomware, and identity fraud continue to evolve, leveraging new tools such as artificial intelligence to lower operational barriers and increase impact.
• Key trends show increased public-private sector cooperation, active threat monitoring, and proactive incident reporting; ASD has expanded its threat sharing platforms and technical assistance programs, including international collaborations with Five Eyes partners.
• The reports highlight the importance of investment in cybersecurity capabilities, regular updates of ICT systems, and comprehensive incident response planning as vital strategies for enhancing national resilience.
• Notable findings include rising vulnerabilities in critical infrastructure, the use of malicious techniques like living off the land tools by Chinese actors, and the need for organizations to adopt principles such as zero-trust and multi-factor authentication to mitigate risks.
• The ongoing strategic environment demands heightened awareness, stronger defenses, and international cooperation to counteract sophisticated and persistent cyber threats effectively.