Common threats

The cyber threat to Australian organisations is undeniable, unrelenting and continues to grow.

Organisations could be a target even if they do not think the information held on their networks is valuable, or that their business would be of interest to cyber adversaries.

Many organisations are at risk purely because they are vulnerable through unpatched software or unaware staff members.

Common threats impacting Australian businesses include:


Ransomware is malicious software that makes data or systems unusable until the victim makes a payment. It is the fastest growing malware threat, targeting users of all types and affecting businesses around the world. For more information visit the Ransomware page on our website.


Phishing is where untargeted, mass emails are sent to many people asking for sensitive information (such as bank details), encouraging them to open a malicious attachment or visit a fake website that will ask the user to provide sensitive information or download malicious content. For more information visit the Phishing page on our website.

Distributed Denial of Service

A Distributed Denial of Service (DDoS) attack is when legitimate users are denied access to computer services (or resources), when the service is overwhelmed with requests from multiple sources. For more information visit the DDoS page.

Scams targeting businesses

Australian businesses are a common target for a range of scams, with adversaries using advanced social engineering techniques to target staff members and enhance the perception of being legitimate. For more information visit the Scams page.

Secondary targeting

This is where adversaries prey on small networks which are connected through their IT systems to a target organisation of higher value. It can enable cyber adversaries to exploit customer data and networks through a range of direct and indirect means. For more information visit the Secondary targeting page.

Targeting bulk personally identifiable information

Australian networks holding large numbers of records of personally identifiable information (PII) are often targeted by cyber adversaries. Cybercriminals may use the stolen information for identity theft or attempt to extort money from organisations and individuals by threatening to release the stolen data. For more information visit the Targeting bulk PII page.

Unauthorised cryptomining

CERT Australia is aware of an increase in cryptocurrency mining (cryptomining) malware, used to exploit the processing power of systems globally. Cryptomining software uses a system's processing power to solve complex mathematical problems, which verify existing digital currency transactions. For more information visit the unauthorised cryptomining page.