A surge in cybercrime targeting Australians has been attributed to China, according to the latest cyber threat report released by the Australian Signals Directorate (ASD). 

The agency says almost 94,000 reports of cybercrime were made to law enforcement agencies in the past financial year, revealing a 23 per cent increase from the previous year. 

The average cost of attacks on companies rose by 14 per cent, with Queensland and Victoria being major hotspots.

Notable breaches at Optus and Medibank underscore the severity of the situation. 

The ASD's involvement in investigating the recent attack on port operator DP World also highlights the ongoing threats faced by Australian entities. 

Despite a steady number of major cybersecurity incidents, serious attacks on federal government agencies and critical infrastructure increased from two to five.

The ASD expressed concerns over the persistent threat from state-backed cyber hackers, singling out China as a primary culprit. 

Russian hackers, characterised as “Russian-speaking eastern European” criminals, were also identified as targeting Australians. 

ASD cited examples of state-supported cyber attacks during the illegal invasion of Ukraine, emphasising the need for heightened cybersecurity measures.

The report indicates that Australia's growing military capabilities, particularly under the AUKUS agreement, could attract more attention from state-backed cyber criminals seeking to steal intellectual property. 

Despite these threats, there has been a lack of cooperation from major companies hit by cyber attacks, raising concerns about data being withheld from intelligence agencies. 

In response, the federal government is considering legislation to establish a “legal safe harbour”, ensuring that information shared with intelligence agencies during cyber attacks cannot be used against companies in legal actions.

ASD has highlighted the particular vulnerability of the food and grocery sector to future cyber attacks, highlighting the sector's reliance on smart technologies, industrial control systems, and internet-based automation systems. 

The report concluded that Australia's relative wealth and strong connectivity make it an attractive target for cybercriminals, with the available data likely representing only a fraction of the actual cyber threat landscape.

The full report is accessible here.