
Australia faces rising cyberattacks targeting key infrastructure
Cyberattacks targeting critical infrastructure in Australia have risen substantially in recent years, particularly affecting sectors such as energy, water, healthcare, and transportation.
Data from the Australian Signals Directorate (ASD) indicates cyber incidents impacting these sectors increased from 95 in the 2021–22 financial year to 143 in 2022–23, representing a 50% rise. Although incidents dropped slightly to 121 in 2023–24, authorities continue to regard the threat landscape as deeply concerning due to both the number and increasing complexity of attacks.
One factor driving this risk is the merging of Operational Technology (OT) with Information Technology (IT) systems. While this convergence enhances efficiency and enables real-time monitoring for infrastructure providers, it also exposes traditionally isolated OT systems to new cyber threats. OT systems, once protected by physical isolation or "air-gapped" networks, now face vulnerabilities common to standard IT environments as they become increasingly connected for monitoring, remote control, and analytics.
This integration has widened the attack surface, enabling threat actors to target legacy systems lacking up-to-date security features or to exploit weak points such as exposed endpoints and insecure third-party vendors. Successful intrusions can disrupt operations, steal sensitive data, or even inflict physical damage on infrastructure.
During the 2022–23 financial year, 57% of cyber incidents reported by critical infrastructure organisations involved compromised credentials, denial-of-service attacks, and unauthorised network or infrastructure access. Any such incident can have significant impacts, including disrupting essential services, undermining public trust, and causing cascading effects across interconnected systems.
The ASD has highlighted that sectors responsible for national assets are particularly attractive targets because of the sensitive data they hold and their importance to public safety and economic stability.
The threat landscape is further complicated by the involvement of state-sponsored actors alongside financially motivated cybercriminals. These attackers are often highly resourced and strategic, focusing on gathering intelligence, disrupting national operations, or probing systemic weaknesses. The ASD's Cyber Threat Report pointed to an increase in incidents involving the exploitation of public-facing services, phishing efforts, and brute-force techniques used to gain system access.
Some of these infiltrations remained undiscovered for lengthy periods, allowing attackers to thoroughly map internal networks and exfiltrate valuable data. In the past year, more than 11% of cyber incidents recorded involved key sectors such as electricity, gas, water, education, and transport. The consequences have proven significant, with examples including interruptions to hospital operations, risks to water quality, and electricity outages affecting thousands of people.
Defence Minister Richard Marles commented on these developments, stating, "We are worryingly seeing an increased focus by both cyber criminals and state actors on our critical infrastructure." His remarks reflect a widespread sense of urgency among government and industry stakeholders as they seek to boost the nation's cybersecurity resilience.
Addressing these risks requires collaborative action across both public and private sectors. Cybersecurity is increasingly being integrated as a fundamental component of infrastructure operations, supported by ongoing risk assessment, workforce training, system segmentation, and response planning.
Cybersecurity providers specialising in OT systems are contributing to these efforts by offering services such as protocol consulting, security posture reviews, threat detection, and tailored hardening solutions. Their expertise in industrial systems — spanning areas such as Supervisory Control and Data Acquisition (SCADA) and Programmable Logic Controllers (PLCs) — helps to address vulnerabilities unique to critical infrastructure.
Borderless CS, an Australian-based cybersecurity firm, has worked with municipal councils to install proactive endpoint protection systems, supporting early detection of threats and more streamlined incident response procedures. These initiatives aim to help local governments maintain uninterrupted delivery of essential services while strengthening their security posture.
Beyond technology-focused measures, public awareness campaigns and the sharing of intelligence across sectors are seen as vital to limiting the spread and effect of cyber threats. The creation of threat-sharing frameworks such as the Australian Cyber Security Centre (ACSC) is regarded as a key step in improving situational awareness and facilitating collaborative responses to emerging threats.
Recent trends underline a growing national security concern around cyberattacks on Australia's critical infrastructure. As system connectivity expands, organisations are being encouraged to enhance their defensive measures by employing layered security, rigorously verifying network access, and promoting a security-centred culture at every organisational level.
With the continued involvement of cybersecurity professionals and increased cooperation across relevant sectors, there are ongoing efforts to bolster Australia's cyber resilience and safeguard the essential services on which the population depends.