Threat Actors and APTs Target Australia, Stealing Over 50 Million Credentials

The Australian edition of our State of Cyber Threat Intelligence Report shows the latest statistics and findings from 2022—as well as emerging threats in 2023.

Default Author Image
April 17, 2023

2022 has been an auspicious year for threat actors and Advanced Persistent Threat (APT) groups targeting Australia, with adversaries stealing over 50 million credentials and personal information—a 99 percent increase compared to 2021.

Our latest report takes a deep dive into the Australian ecosystem of cyber threat intelligence,  state of data breaches, and ransomware, and how they specifically impact the country’s organizations and government—read about it here.

State of Cyber Threat Intelligence: Australia Edition

The following report focuses on the Australian cyber threat landscape, which rolls up into Flashpoint’s global State of Cyber Threat Intelligence report.

Here’s what you need to know:

Australia’s Media and Telecommunications Division under fire by threat actors

Following global trends outlined in our State of Cyber Threat Intelligence Report, our Australian edition showed that Australia’s Media and Telecommunications division was responsible for leaking 72 percent of Australia’s 50 million stolen credentials total. 

Vendors in this division include web-hosting companies, data processing services, and programming design—services that are often contracted by a multitude of organizations. Therefore, it is critical for Australian organizations to maintain a robust Vendor Risk Management Program, or to ensure that their digital supply chain is implementing effective security controls.

APT groups are targeting Australian government organizations

Australia has seen increased targeting and activity from both Chinese and Russian APT groups, with them being partially responsible for the massive amount of stolen credentials, as well as the marked increase of data breaches. Aside from the notable attacks against Optus and Medibank, the Australian Public Sector had experienced the most data leak events—accounting for nearly 20 percent of the nation’s total data breaches.

Flashpoint analysts observed security incidents throughout 2022 where government workers and contractors had used personal emails on government systems to subscribe to services that were completely unrelated to their workloads—one of the many cardinal sins of cybersecurity.”

State of Cyber Threat Intelligence: Australia Edition

Protect against converging threats with Flashpoint intelligence

As both our global and Australian edition demonstrates, threat vectors are converging at breakneck speeds, and the clashing of multiple disjointed feeds and solutions makes addressing risk increasingly difficult. To stay ahead of threat actors, leverage best-in-class intelligence provided by Flashpoint. Sign up for a free trial and download our latest report today.

Begin your free trial today.