Australian companies faced a significant volume of cyber threats in August 2025, with over 5,000 malware incidents and more than 65,000 network attacks recorded, according to WatchGuard Technologies.
The firm’s latest data showed that 5,383 malware threats were intercepted nationwide during the month, averaging about 179 events each day. Network-based attacks were even more prevalent, with 65,074 attempts blocked, or roughly 2,169 per day.
The majority of malware identified in Australia consisted of previously known variants, accounting for 93% of all cases. The remaining 7% were classified as zero-day threats, which are newly discovered and often more difficult to defend against.
Among the most frequently detected malware were phishing and credential theft tools, such as HTML:Beluga.5564 and JS:Trojan.Cryxos.14878, highlighting the continued use of social engineering by threat actors.
In a regional context, Australia’s share of malware detections represented just over 1% of the Asia-Pacific (APAC) total, while its proportion of blocked network attacks was much higher at 57%, according to WatchGuard’s report.
Recent months have seen notable changes in attack patterns. Malware incidents in Australia increased by nearly half from June to July before dropping by more than two-thirds in August.
Network attacks, meanwhile, have been on a downward trajectory, declining by over 40% from June to July and falling another 47% the following month.
Anthony Daniel, managing director for WatchGuard in Australia, New Zealand, and the Pacific Islands, said it is positive that attack numbers in Australia are generally declining, but the figures indicate that cybercriminals continue to launch frequent attacks, with network incidents occurring over 90 times each hour.
“The dominance of known malware also highlights that many organisations are still being targeted with tried-and-tested techniques. Businesses cannot afford to be complacent. Maintaining layered defences and strong detection capabilities remains critical, as attackers will always look for the easiest path to exploit,” he said, as reported by Security Brief.
In addition to malware and network threats, Australian organisations continue to grapple with data breaches.
In August, TPG’s iiNet division disclosed a cyber incident in which attackers used compromised employee credentials to access internal systems.
The breach resulted in the exposure of approximately 280,000 email addresses, 20,000 landline numbers, and other customer details, including usernames and modem setup information.
The Insurance Council of Australia (ICA) has called for expanded cybersecurity requirements for businesses, citing the increasing complexity of cyber risks and the use of artificial intelligence in attacks.
In a submission to the Department of Home Affairs, the ICA highlighted emerging concerns such as quantum computing and the management of consumer data.
The council’s recommendations include increased accountability for technology vendors, workforce development programs to embed cybersecurity expertise within small and medium-sized enterprises (SMEs), and broader mandatory reporting for ransomware incidents.
The ICA stressed the importance of a national approach that considers the differing capacities of businesses, especially SMEs, to invest in cybersecurity.
Insurance providers are positioned to support SMEs in improving cyber defences, working alongside government and larger enterprises.
The ICA has suggested that insurance policy renewals could be used to reinforce cybersecurity best practices and government messaging.
