Why Australia Is a Prime Target for AI Identity Attacks

Why Australia Is a Prime Target for AI Identity Attacks

Why Australia Is a Prime Target for AI Identity Attacks

Image: immimagery/Adobe

AI-driven identity attacks are overtaking traditional intrusion attempts as attackers’ preferred entry point, and the latest threat research suggests that Australia’s highly digitized, distributed enterprise sector is more exposed than most regions.

Jul 6, 2026

Nearly half of the security incidents reported to Australia’s cyber authority last financial year involved a compromised account or credential. That number helps explain why PwC is now flagging identity as the entry point criminals prefer over breaking through the front door.

According to the Australian Signals Directorate’s Annual Cyber Threat Report for 2024-25, compromised accounts or credentials were involved in 42% of the most cyber incidents it responded to. Identity fraud remained the most reported type of cybercrime among individuals.

That backdrop lines up closely with new global research from PwC, whose Annual Threat Dynamics 2026: Cyber Threats in Motion report found that identity-centric attacks have overtaken traditional network intrusion as the preferred route into corporate systems.

For Australian enterprises, the findings land at an awkward moment. The country’s enterprise sector is among the most digitized in the APAC region, with banking, healthcare, mining, and government services all running deep into cloud and API-connected infrastructure.

That level of digitization is exactly what makes identity attacks more valuable to criminals: every additional connected system, vendor integration, or remote login is another identity that can be stolen, impersonated, or resold.

AI is fueling identity attacks

PwC’s Global Threat Intelligence lead, Kris McConkey, said in the report that adversaries are now choosing to “log in rather than break in,” using AI to probe for weak points across identity, cloud, and edge layers with what he described as “unprecedented precision.”

Generative tools are being used to automate phishing campaigns, produce convincing deepfakes, impersonate IT helpdesk staff, and run multi-stage social engineering operations against both human and machine identities.

That last point matters specifically for Australian organizations because AI adoption is expanding the identity footprint that attackers can target. Every AI agent, automated workflow, or machine-to-machine integration a business deploys creates a new non-human identity that needs credentials, access permissions, and monitoring.

PwC’s data suggests these are exactly the kinds of identities slipping through the cracks. There are already documented cases of Australian organizations being compromised by information-stealer malware that harvested corporate credentials from employee devices.

Edge devices are a related pressure point for a market like Australia’s, where a large share of the workforce operates from regional offices, mine sites, hospitals, and hybrid or remote setups rather than a single corporate campus.

Routers, VPN appliances, and other internet-facing hardware sitting at the edge of that distributed footprint tend to draw far less scrutiny than core enterprise systems. Critical infrastructure operators should treat this as a direct warning rather than a general industry trend, given how often such technology sits outside standard IT security coverage.

More Australia coverage

Supply chains and defense strategy

Supply-chain exposure makes the problem even bigger. PwC’s report says attackers are no longer focusing on a single entry point. They’re targeting executives, developers, vendors, hiring processes, and financial workflows simultaneously.

That creates a particular challenge for Australian enterprises, as many rely on a broad network of managed service providers. The risk this brings is a major reason identity governance is increasingly appearing on Australian board agendas rather than remaining within the security team.

The catch for Australian organizations is capacity. ISACA’s 2025 State of Cybersecurity report found 55% of Australian security teams are understaffed, even as AI-driven attacks accelerate in speed and volume. That shortage turns AI from a nice-to-have into something closer to a necessity. Businesses that cannot hire their way to a fully staffed security team are increasingly relying on AI-enabled detection and automated containment simply to keep pace with automated attackers, rather than as a competitive edge.

McConkey’s framing of the trade-off is blunt: AI represents defenders’ best chance to match attackers’ speed through faster detection, automated containment, and intelligence-led response at scale. For Australian security leaders already stretched thin, that’s less an opportunity than an operational requirement.

Advertisement

Action items for Australian enterprises

PwC’s practical recommendations translate into a short list for local security and IT leaders:

  • Extend zero-trust principles to non-human and machine identities, not just staff logins;
  • Bring edge devices and remote infrastructure into the same monitoring regime as core systems;
  • Map which suppliers and contractors have access to critical systems;
  • Give identity governance a standing seat at the board level rather than folding it into an occasional security briefing.

None of this suggests Australian enterprises are uniquely at fault. PwC’s findings describe a global shift in attacker behavior. But a highly digitized economy with a highly distributed workforce, a deep supply chain footprint, and a well-documented security skills gap, as in Australia, has less room to treat this problem as someone else’s.

Joseph Ofonagoro

Joseph is a technical writer with about three years of experience creating clear, practical content across consumer technology, startups, tutorials, and cybersecurity. He is also advancing a career in cyber threat intelligence, driven by a strong interest in the responsible use of technology and its role in protecting people, organizations, and digital systems. His passion for cybersecurity grew out of a broader commitment to helping others understand technology safely and effectively. As an undergraduate at the National Open University of Nigeria, he leads a community of technology enthusiasts, guiding beginners, sharing learning resources, and helping students build confidence as they explore careers in tech. Joseph’s writing combines technical curiosity with an accessible, beginner-friendly style. In addition to his editorial work, he periodically shares cybersecurity case studies and research reports on social media, covering threat trends, security lessons, and practical insights for readers interested in cyber awareness and digital safety.