Cyber Threats on the Rise
ASD ACSC Report showcases rise in ransomware, state sponsored threat actors and healthcare targeting
Cyber Security Awareness Month 2025 may have drawn to a close, but organizations still face threats in growing number and sophistication. Now is a good time to consider strategies to proactively protect your people, data and systems.
This blog reviews the Australian Signals Directorate’s Australian Cyber Security Centre (ASD ACSC)’s Annual Cyber Threat Report 2024-2025 and explains how modern application control provides comprehensive security against key threats.
Ransomware Continues to be a Serious Threat
Ransomware, a type of malware that locks or encrypts files so criminals can demand a ransom to restore access, is “the most disruptive cybercrime threat,” according to the ASD ACSC.
The ransomware ecosystem is becoming increasingly professionalized as a service model that makes it easy for criminals to access malware, tools, and infrastructure to launch attacks. More than one in 10 incidents the ASD ACSC responded to in 2024-25 included ransomware, and the organization noted the serious operational, financial and reputational consequences for victims.
To understand the scale of the ransomware threat and how organizations are responding to attacks, the Australian Government in May this year introduced mandatory ransomware and cyber extortion payment reporting.
How Modern Application Control Stops Ransomware
With modern application control, organizations can reduce their attack surface and mitigate the risk presented by ransomware and other types of malicious software.
Today’s solutions enforce a Deny by Default security model that blocks all untrusted and unauthorized applications, allowing only approved software to execute.
Critical Infrastructure a Primary Target for Sophisticated Attackers
The Australian Government designates 11 sectors as critical infrastructure, providing services essential to everyday life. These include healthcare and medical, communications, financial services and markets, the defense industry, and energy.
According to the ASD ACSC, these sectors are prime targets for state-sponsored actors looking to position disruptive attacks. In 2024-2025, the ASD ACSC notified critical infrastructure entities of potential malicious cyber activity impacting their networks over 190 times, up 111% from the previous year.
How Application Control Protects Providers of Essential Services Products
Modern application control solutions incorporate a range of features and capabilities to help critical infrastructure organizations minimize their risk and attack surfaces. These allow organizations to:
- Address Living off the Land techniques that enable attackers to blend in with standard system and network activities. (Read more about how to combat Living off the Land Binaries AKA LOLBins)
- Stop ransomware, malware and untrusted software from executing, reducing the risk of compromise and disruption
- Extend protection across IT and OT systems
- Align with cybersecurity regulations, frameworks and strategies which defines the files and applications allowed to execute using a variety of trust mechanisms
- Maintain detailed, immutable logs of all endpoint executions and attempted executions to simplify compliance and support incident investigations
You may be interested in reading about organizations who are relying on application control to protect critical infrastructure across a range of industries.
Healthcare Breach Rates Far Outstrip Other Industries
The ASD ACSC report discloses some alarming statistics about cyber threats to Australia’s healthcare sector. Malicious actors were successful in 95% of healthcare/social assistance incidents the agency responded to in 2024-2025 — well above the 52% all-industries rate. The number of ransomware incidents against the sector doubled relative to 2023-2024.
With healthcare organizations managing patient data and running mission-critical IT and operational technology (OT) such as building management systems and medical equipment, they are a prime target for attackers. However, modern application control features and capabilities, including those listed above, can protect these sensitive environments from disruption.
As a provider of modern application control, Airlock Digital provides foundational endpoint security that organizations can implement to stop threats before they start.