A third of all cyber attacks investigated during the last financial year by Australia’s cyber security agency were targeted at the federal government.
Figures from the Australian Cyber Security Centre revealed that of the 671 cyber security incidents during 2016-17 that warranted an operational response, 33 per cent of those were aimed at federal parliament.
According to the centre, almost 14 per cent of threats were aimed at state or territory governments, however the Australian Signals Directorate declined to comment on the statistics for specific jurisdictions.
Of the remaining cyber security threats, more than 29 per cent were targeting industry, while all other attacks made up just less than 23 per cent.
An Australian Cyber Security Centre spokesman said threats were on the decline.
“As the security of government agencies and awareness of the threats have increased, the ASCS has been required to respond to fewer incidents,” the spokesman said.
“The federal government continues to constitute the majority of targets, followed by industry and state and territory governments.”
The decrease in the number of cyber attacks Australian Cyber Security Centre investigated comes as a bipartisan deal was reached in federal parliament to introduce new laws that will crack down on foreign interference.
The laws were introduced following warnings of unprecedented espionage damaging the national interest.
Attorney-General Christian Porter told Fairfax Media earlier this week that tougher measures were needed.
“There’s an unprecedented level of foreign intelligence activity in Australia and that means more foreign agents and more foreign powers using more tradecraft and more technologies to engage in espionage and foreign interference and the attempted foreign influence of our democratic processes,” Mr Porter said.
Analysis from the Australian Cyber Security Centre revealed cyber crime was estimated to cost Australians $1 billion a year, however, some estimates state the real impact to the nation is about $17 billion annually.
“As people and systems become increasingly interconnected, the quantity and value of information held online has also increased and, unfortunately, so have the efforts to steal and exploit that information,” the Australian Cyber Security Centre spokesman said.
Among the most frequent types of cyber security threats was ransomware, as well as malware targeting businesses.
“It affects individuals and organisations alike, and can impose significant costs in both recovery and down time,” the spokesman said.
“Trusted third parties access continues to be exploited, regardless of organisation size.”
The figures on cyber security threats to the federal government comes after a $9 million cyber security operations centre for Parliament House was announced in last month’s federal budget.
The Department of Parliamentary Services said seven staff members were expected to work in the new centre, which will be set up in the 2018-19 financial year and will focus on protecting the parliamentary computer network.
UNSW Canberra cyber security strategy and diplomacy professor Greg Austin said while there was a significant number of cyber security threats in 2016-17, the true number of incidents may not be known.
“The relationship between cyber security awareness and the actual cyber security of the federal and state governments aren’t that strongly connected,” he said.
“Governments and corporations talk about their cyber security awareness as if it’s the solution to the problem, when there’s about 1000 other more important things to do to monitor cyber security than just promote awareness.”
The Australian Cyber Security Centre is expected to hand down its next report on cyber security threats in October.