More than two in 10 businesses (22%) experienced a cyber security attack during the 2021-22 financial year, Australian Bureau of Statistics data revealed.
This is up from 2019-2020, when just 8% of businesses reported cyber incidences.
The types of cyber attacks included scams or fraud (16%), malicious software infecting computers (5%) and unauthorised access or use (3%).
The latest figures also show how cyber attacks impacted businesses. In 2021-22, just over half of those that experienced a cyber attack were negatively impacted, compared to more than 80% of businesses in 2019-20.
“In 2021-22, 34 per cent of businesses reported loss of time in managing cyber security attacks, 18 per cent reported downtime of service, while 17 per cent reported a loss of staff productivity,” head of ABS business statistics Robert Ewing said.
For the first time, all businesses were asked about the types of cyber security measures they had in place, and seven in 10 (70%) reported some form of protection measure.
“Over 60 per cent of businesses reported regular updates to virus protection software," Ewing said. “Around 37 per cent of businesses regularly backed up operations-critical data, while 20 per cent had identity access management and 13 per cent gave staff cyber security awareness training.
“Today’s Characteristics of Australian Business data release is important because it gives governments and researchers information about the prevalence, impacts and nature of cyber attacks.
“This helps them understand who they need to support and what strategies they need to use.”