CyberCX has released its annual Digital Forensics and Incident Response Year in Review Report for 2023 

Essential services at risk as local governments face escalating cyber threats

A new report from CyberCX identifies key cyber threats facing local government organisations across Australia, including cyber attacks that could impact essential services such as water, energy and sanitation.

Melbourne, Wednesday 22 December

CyberCX, Australia and New Zealand’s leading cyber security services firm, has today released a new Cyber Intelligence Insights report highlighting key cyber threats to local government organisations across Australia, including the threat posed by nation-state actors.

According to the report, many local government organisations across Australia are not effectively managing cyber risk, leaving them highly vulnerable to ransomware and cyber theft extortion attacks, which have increased exponentially in 2021.

Katherine Mansted, CyberCX Director of Cyber Intelligence and Public Policy, said she hoped the report’s findings would “trigger important conversations” for local governments, particularly those who rely on operational technology to manage critical infrastructure and essential services.

“There are local governments around the country that own or operate OT-enabled critical infrastructure, such as water and sewerage systems and energy networks,” said Mansted.

“If these essential services are shut down by a ransomware attack, the consequences are potentially catastrophic for local residents. For local governments, which are often battling budget and resource constraints, the effects of even a relatively unsophisticated cyber attack could also be devastating.”

CyberCX Chief Strategy Officer Alastair MacGibbon said the report shows the risk profile of local government organisations is unlikely to materially improve in 2022, as the threat environment continues to deteriorate.

“Looking forward to 2022, all local government organisations are at increasing risk of being hit by a cyber incident and suffering significant financial loss, business disruption, loss of data or reputational damage as a result,” said MacGibbon.

“In an environment where nation-state actors and cybercriminals are constantly looking for ways to get into their networks and wreak havoc, local governments need to prioritise how they are managing risk and building resilience.”

The report also finds that foreign governments are actively targeting local government organisations in Australia for intelligence collection and political interference, with some of these adversaries viewing local governments as “weak links” in Australia’s national security.

CyberCX has observed that the government sector is the third most frequently impacted by cyber extortion in Australia, with local governments assessed as far more likely to be targeted than state and federal agencies.

Other common cyber risks Australian local governments are being exposed to according to the new report include:

  • Business Email Compromise (BEC) is the most likely form of cybercriminal attack to be faced by local governments and could cause major financial loss.
  • All local government organisations face a high likelihood of suffering a data breach. The most common source of data breaches in the government sector is accidental exposure caused by employees or contractors.
  • Phishing continues to be the most common method threat actors use to obtain initial network access, underscoring a critical need for local governments to roll out cyber security awareness and training programs for employees.

CyberCX’s Cyber Intelligence Insights report on Australian Local Government is available to download at:


Media contact:

Jordan Newnham

[email protected]

Ready to get started?

Find out how CyberCX can help your organisation manage risk, respond to incidents and build cyber resilience.