It’s the first large-scale study of the prevalence and harm of pure cyber crime within Australia, and its findings reveal an issue as widespread as it is insidious.
The study polled approximately 12,000 Australians, with 14 per cent reporting that they had experienced a disruption to network systems in the past 12 months alone.
It estimated that roughly 2.8 million Australians had been impacted by this type of attack within the past year, and nearly 6.7 million Australian adults could have been victims at any time in the past.
In 2019, a report from the Australian Institute of Criminology (AIC) found that the Australian economy suffered an annual hit of approximately $3.5 billion due to pure cyber crime. That comprised $1.4 billion spent on prevention costs, $1.9 billion in losses to victims, and $597 million spent dealing with the fallout by individuals.
Victims are rarely able to recover financial losses resulting from cyber crime.
Pure cyber crime is defined as activities that include hacking, spreading viruses and other malware, and attacks that shut down a machine or network.
In contrast, cyber-enabled crimes are traditional crimes that are facilitated or expanded by the use of computers and computer networks. Cyber-enabled identity theft, for example, falls into this category, and is estimated to cost Australians more than $3 billion per year.
“Pure cyber crime is a highly profitable criminal activity and results in substantial financial losses to Australians,” Flinders University's Professor Russell Smith said.
“On current information, as cyber criminals become more sophisticated, it’s clear the need for additional expenditure on prevention will need to increase.
“Equally, it is imperative that the financial harms associated with cyber crime are assessed so that resources for prevention and response activities can be targeted most effectively, and a baseline can be developed against which to measure the impact of future policy responses.”
Earlier in the year, Mr Smith authored a report examining the impact of COVID-19 on cyber crime, finding that the pandemic had spurred a growth in these criminal operations owing to the change in public health measures taken in response to the pandemic, the current state of technologies, and the activities of law enforcement and regulatory guardians during a time of emergency.
Coen Teunissen, lead author of the new AIC publication, also issued a warning to Australians in light of the figures this survey uncovered.
“Cyber crime is a growing, borderless and continually evolving body of crimes which can threaten individuals, businesses, government and national security,” Mr Teunissen said.
The report from AIC and Flinders University qualified its estimates as “conservative”, owing to the fact that many victims were unable to report how much they had lost or how much they had spent dealing with the consequences of cyber crime.