
Australia faces surge in AI-powered cyber threats & espionage
Australia's cybersecurity environment for 2025 is marked by the emergence of new, sophisticated threats that go beyond traditional ransomware, phishing, and business email compromise attacks.
Cybersecurity professionals are observing the rise of artificial intelligence (AI) driven steganography, advanced state-sponsored cyber espionage, weaponisation of cloud-hosted AI, increasing vulnerabilities in edge devices, and more complex data monetisation and extortion campaigns. These developments are prompting a call for heightened vigilance and new defensive approaches across organisations in Australia.
AI and steganography
Recent trends highlight a resurgence and evolution of steganography, a technique where malicious code is hidden within innocuous files like images, videos, and audio. Attackers are now using AI to automate the creation of these 'cover objects', making it significantly harder for conventional security controls to detect these threats. According to cybersecurity professionals, a regular-looking image sent via email could contain an embedded payload which, when opened, may exploit vulnerabilities, extract hidden code, and install malware. This enables attackers to achieve persistent system access and steal sensitive data.
This variant of attack is especially concerning for corporate security teams, as it is able to bypass many traditional security filters and can lay the groundwork for long-term espionage or information theft.
State-sponsored campaigns
Geopolitical tensions are amplifying the risk of technology-enabled espionage and sabotage, especially against government departments and critical infrastructure sectors such as energy, healthcare, and telecommunications. Nation-state actors, including groups like APT40, have been observed placing dormant malware on networks, mapping systems for future exploits, and leveraging advanced AI-based operations to undermine trust and disseminate disinformation.
The average time to detect such espionage incidents now exceeds 400 days, making them among the most persistent and damaging threats in the region.
Cloud-hosted AI as a threat vector
Cybercriminals are leveraging cloud-based AI platforms to create and distribute harmful software by hijacking legitimate AI services. This allows attackers to scale up their operations, avoid conventional detection, and misuse victims' computing resources for unlawful purposes. The growing prevalence of Ransomware-as-a-Service (RaaS) models enables less sophisticated threat actors to deploy complex attacks against Australian organisations.
This trend is forcing companies to re-evaluate their cloud security strategies and make investments in advanced monitoring and strengthened access controls.
Edge devices and IoT challenges
Security risks are escalating for edge devices, including mobile units and encrypted communication platforms, as these technologies are increasingly essential for business operations. Many devices lack adequate protection, presenting appealing opportunities for cybercriminals. Attacks targeting smart devices, telecommunications infrastructure, and visibility gaps are giving malicious actors entry points into business environments.
The proliferation of Internet of Things (IoT) devices is a prominent driver of risk. Forecasts put the number of such devices in the Asia-Pacific region at more than 14 billion by 2025, widening the attack surface. Many organisations are unable to keep all these devices fully patched and monitored, leaving significant gaps in security coverage.
Evolving data monetisation tactics
Cybercriminals are increasingly focusing on extracting maximum value from breached data, even after ransoms are paid. Stolen information may be utilised for further exploitation, sold on the dark web, or used for extended extortion, identity theft, or corporate espionage. Double and triple extortion methods are now frequently observed, with criminals threatening to leak sensitive information or disrupt essential services unless their demands are met.
The direct economic and reputational consequences are significant, especially in cases impacting public infrastructure and essential services.
Digital expansion and human factors
The rapid pace of digital transformation, including high adoption of AI and other emerging technologies, has seen many organisations implement new capabilities without sufficient security or risk assessments. Recent studies suggest almost eight out of ten businesses in the region are using or planning to adopt AI, but fewer than one third maintain a formal inventory of their AI assets.
This gap in oversight is compounded by an ongoing shortage of skilled cybersecurity workers, which leaves organisations more exposed to risk.
AI-powered social engineering attacks — such as deepfake videos and synthetic voice threats — are also gaining traction, enabling criminals to bypass traditional authentication systems and manipulate employees. This trend has heightened the importance of continual security awareness and training across all levels of the workforce.
Industry perspectives
"The rise of data monetisation schemes means that even after a ransom is paid, stolen information may be exploited or sold on the dark web. Attackers are now focusing on extracting maximum value from breached data, including long-term extortion, identity theft, and corporate espionage. Double and triple extortion tactics are now commonplace, with attackers threatening to leak sensitive data or disrupt vital services if their demands are not met. The economic and reputational fallout from such incidents can be severe, as seen in recent high-profile breaches affecting critical infrastructure and public services across the region."
Security solutions
Borderless CS offers Australian organisations services in threat hunting, AI-driven detection, steganography and covert payload analysis, cloud and edge device security assessment, incident response for state-based campaigns, and strategic consulting for compliance and resilience. The company advises security leaders to adopt a proactive, intelligence-led approach in defending against these new challenges.
"Australia's cybersecurity landscape in 2025 is defined by covert, AI-powered attacks, state-sponsored espionage, and the exploitation of emerging technologies. Addressing these challenges requires not just awareness, but a proactive, intelligence-driven approach—one that partners with experts like Borderless CS to protect your organisation's future."