Cyber security incidents, by type 2019-2020

Data source: ACSC Annual Cyber Threat Report 2019-2020

The most common types of cyber incidents in Australia are displayed, from July 2019 to June 2020.

Malicious email was the most frequent type of cyber security incident reported over the time period. Phishing and spearphishing emails have consistently remained the most common cyber security incidents reported to the ACSC. Adversaries continue to use phishing as a means of obtaining initial access into a network. Attacks often involve compromising user credentials or installing malware after a recipient clicks on a malicious link or attachment. The second most common incident was a 'compromised system'. This category relates to incidents where an adversary has accessed or modified a network, account, database or website without authorisation.

Cyber security incidents, by categorisation 2019-2020

Data source: ACSC Annual Cyber Threat Report 2019-2020

The ACSC categorises each incident we respond to on a scale of Category 1, the most severe, to Category 6, the least severe. Of the 2,266 incidents reported, the largest proportion were assessed as being ‘Category 5 – Moderate Incident’ (36.5%, n=828) followed by ‘Category 4 – Substantial Incident’ (33.3%, n=754). These categories broadly represented malicious cyber activity such as targeted reconnaissance, phishing emails and malicious software impacting larger organisations, key supply chain and Commonwealth and state government entities.