Business urged to step up on cyber threat

Australian businesses are being told to lift their standards when it comes to protecting customer data as malicious cyber attacks target the nation.

A new report from the Australian Cyber Security Centre has found sophisticated state and criminal actors are striking more frequently, with a cyber crime being reported every seven minutes.

Cyber Security Minister Clare O'Neil has put businesses on notice and says they are expected to handle their customer's cyber data better in light of the "concerning" report.

"To big businesses around this country: you have got obligations to Australians, especially if you are collecting and keeping personal information about your customers," she told the Nine Network on Friday.

"I want the corporate sector to step up and do better."

The cyber security agency received more than 76,000 reports in the past financial year, a 13 per cent increase from the year before.

Publicly reported software vulnerabilities also jumped 25 per cent.

Almost $100 million has been lost to Australians having compromised email systems, an average of $64,000 for each reported instance.

This includes criminals sending emails pretending to be a business to solicit payments, such as a real estate agent requesting a deposit.

Deputy Prime Minister Richard Marles said everyone needed to be a lot more vigilant.

"The cyber space is a lot more challenging environment. There are a lot of pickpockets out there but this can happen on a grand scale," he told ABC radio.

"There are simple steps that people can take to keep themselves safe."

This includes not clicking on links in text messages or emails, ensuring software updates are up-to-date and being more careful with their data.

Mr Marles said the government was investing heavily in the cyber security space to update systems and would consider a public education campaign.

The report found on average a small business loses $39,000 and this increases to $88,000 for medium ones as a result of cyber attacks.

The average loss was highest in Western Australia at $112,000 and lowest in the Northern Territory at $26,000.

In NSW, the average loss was almost $70,000 and all other states and territories sat around $50,000.

But the most at risk are commonwealth and state government systems, making up more than a third of all cyber incidents.

Health systems were the next big targets, mainly due to cyber criminals attacking vulnerable businesses that are more likely to pay ransoms to access their data back.

The security agency's head Abigail Bradshaw said cyber threats were constantly evolving and targeting the nation's critical infrastructure more frequently.

It blocked more than 24 million malicious domain requests, took down 29,000 attacks against Australian services and responded to 185 ransomware movements, which is a 75 per cent increase.

The agency was also involved in five successful operations taking down online criminal marketplaces and foreign scam networks.