Australia is witnessing a rapid escalation in cybercrime, driven in large part by adversaries harnessing the power of artificial intelligence (AI). From precision-targeted phishing campaigns to compromised supply chains and deepfake impersonations, malicious actors are deploying AI to outmaneuver traditional cybersecurity defenses. Recent industry reports suggest that Australian businesses across nearly every sector are facing unprecedented levels of AI-powered cyberattacks, with the technology sector, supply chains, and critical infrastructure proving especially vulnerable.
AI is Reshaping the Cyberthreat Landscape in Australia
The cybersecurity environment in Australia throughout 2025 has been characterized by a marked increase in sophistication and volume of cyberattacks. According to Cyble’s mid-year analysis, over 50 threat groups — including ransomware gangs, hacktivists, and state-sponsored Advanced Persistent Threats (APTs) from China, Russia, Iran, and North Korea — have been active in the region. As of August, 71 major cyber incidents were recorded, reflecting a 13% rise over the same period in 2024.
Threat Actors are Weaponizing AI Across All Stages of Attack
AI is now integral to offensive cybersecurity strategies, enabling threat actors to automate and scale their operations through:
- Reconnaissance and Vulnerability Scanning : APTs use AI to rapidly detect exploitable systems and misconfigurations.
- Phishing and Social Engineering : AI-generated emails and deepfakes help attackers craft convincing lures that are extremely difficult to distinguish from legitimate messages.
- Malware Development : Malicious large language models (LLMs), such as GhostGPT, accelerate the creation of polymorphic malware that adapts to avoid detection.
- Autonomous Malware : Self-adapting malicious software is capable of altering its behavior in real time to circumvent static security controls.
These capabilities have dramatically increased the success rate and reach of cyberattacks targeting Australian organizations, underlining an urgent need for AI-optimized defense strategies.
Australia’s Supply Chains are Now Top Targets
One of the most concerning developments has been the exploitation of supply chain vulnerabilities through AI-enhanced social engineering. A documented case involving Sydney-based animal vaccine manufacturer Virbac illustrates this trend. The company has seen a surge in fraudulent, AI-crafted invoices — as many as ten per month — designed to mimic legitimate communications from trusted suppliers.
Each invoice typically references specific raw materials and order details, indicating detailed reconnaissance and targeting by attackers. According to Chris Mousley, a supply chain analytics leader at Virbac, the sophisticated nature of these documents makes them challenging to filter or spot.
Jacqueline Jayne from SoSafe emphasized the broader implications: “It’s becoming increasingly difficult to tell real from fake.” Deepfake audio and video impersonations of company executives are further complicating verification processes, making it essential for organizations to adopt zero-trust principles and multi-factor validation of all communications.
Attacks on the Technology Sector Amplify Broader Supply Chain Risk
The technology industry has emerged as a key target, both in direct attacks and as a conduit for lateral movement across partner ecosystems. Trustwave’s analysis reveals that cybercriminals routinely traffic developer credentials, like GitLab API keys, on dark web forums for up to USD $1,400. These credentials are often purposefully marketed for use in secondary supply chain attacks, underscoring the commodification and industrialization of cybercrime.
Trustwave’s CISO, Kory Daniels, cautioned that Australia’s innovation trajectory is matched by the agility of cyber adversaries, stating, “Threat actors are industrializing operations, weaponizing AI, and scaling attacks by abusing compromised suppliers.”
This level of professionalization within the cybercriminal ecosystem, facilitated by Ransomware-as-a-Service (RaaS) and credential monetization, represents a new frontier of scalable, AI-powered cyber risk.
Espionage and Steganography Further Complicate Detection
The use of AI for espionage and covert communication is also emerging as a significant concern in Australia. Cybercriminals are embedding malicious code within digital media files — a tactic known as AI-driven steganography. These “cover objects” bypass conventional detection tools by hiding malware within seemingly benign images, videos, or audio files.
SecurityBrief Australia reports that attackers are even hijacking legitimate, cloud-based AI services to create and distribute this malware. This tactic not only helps attackers scale their efforts but also misuses institutional computing resources and evades sandbox-based detection platforms.
Edge devices — such as mobile units and encrypted chat applications — continue to accumulate vulnerabilities, disproportionately exposing organizations to unauthorized access and persistent lateral movement.
Confidence Levels in Existing Defenses are Alarmingly Low
Findings from a Fortinet-commissioned IDC survey reveal just how unprepared many Australian organizations are for this new wave of AI-powered cyber threats:
- 51% of organizations experienced AI-driven attacks in the past year.
- 76% reported that the number of attacks has doubled.
- 16% said the volume has tripled.
- Only 32% expressed high confidence in their defenses.
- 15% acknowledged that threat actors are outpacing their detection capabilities.
Simon Piff, Research Vice President at IDC Asia-Pacific, emphasizes that AI-enhanced threats exploit the limitations of traditional tools: “Organizations must adopt AI-accelerated security platforms that offer real-time, adaptive detection.”
The Path Forward Requires AI-Augmented Cyber Defenses
As supply chain attacks rise and sectors like technology, healthcare, finance, and energy come under siege, the path forward is clear: Australian organizations must invest in cybersecurity architectures that evolve as quickly as the threat landscape.
Key defensive actions include:
- Deploying AI-based Detection Tools : Incorporate behavioral analysis and anomaly detection powered by machine learning.
- Implementing Zero Trust Architecture : Validate every access request, regardless of origin.
- Hardening Supply Chain Communications : Enforce multi-level verification procedures for invoices and executive communications.
- Monitoring Edge Devices Proactively : Extend endpoint protection to mobile and embedded systems.
- Training Staff Against Deepfakes : Regularly update threat awareness modules to include AI-generated impersonation tactics.
With cyber adversaries increasingly relying on automation and AI to scale attacks across Australia’s digital ecosystem, the need for proactive, AI-empowered cybersecurity initiatives has never been more urgent.
