Younger Australians vulnerable due to poor online security habits

The Australian Cyber Collaboration Centre (Aus3C) has released its Annual Cybersecurity Attitudes and Behaviours Report (Oh Behave! 2024), revealing significant concerns about online safety, particularly among younger Australians. The research, conducted by CybSafe and supported in the USA by the National Cybersecurity Alliance (NCA), surveyed over 6,500 individuals across Australia, New Zealand, the USA, the UK, Canada, Germany, France, and India.

In Australia, the study highlights that 52% of respondents find online security measures frustrating, and 44% feel intimidated by the complexities of staying safe online. Notably, only 60% of Australians believe that online security efforts are worth the trouble, reflecting a 9% decline from last year.

The report emphasises the urgent need to address generational disparities in attitudes towards cybersecurity. "Complacency and frustration are dangerous combinations in the fight against cybercrime in Australia," said Matthew Salier, Chief Executive Officer at Aus3C. "Vulnerability to cyber-attacks is of particular concern across younger generations because they're not taking adequate precautions, relying too heavily on others or assuming their devices are secure."

A significant portion of younger Australians, particularly Gen Z and Millennials, are pessimistic about their ability to remain safe online. Many younger respondents no longer believe that the effort to remain secure is worthwhile, leading some to reduce their online activities. The report found that 43% of all participants assumed their devices were automatically secure, underscoring a widespread sense of complacency.

Furthermore, the study revealed that 39% of Gen Z and Millennial respondents rely on family members for online security. Additionally, 90% of participants across all age groups believe that apps and platforms should be responsible for protecting their personal information.

Poor cybersecurity hygiene remains a concern, with the study highlighting inadequate password practices. The use of personal information, such as pet names, in passwords has increased across generations, with Gen Z leading at 52%. A considerable number of Baby Boomers and the Silent Generation have never used a password manager, with figures at 60% and 66% respectively.

Despite 81% awareness of multi-factor authentication (MFA), its adoption remains inconsistent, especially among Millennials and Gen Z. While older generations report more consistent use, many younger respondents have tried MFA but discontinued it. Furthermore, only 45% of Gen Z respondents have enabled automatic software updates, despite their convenience.

Concerns about artificial intelligence (AI) also surfaced. Over half of employed participants (52%) and students (58%) have not received training on safe AI use. Millennials, in particular, worry that AI will exacerbate the difficulty in detecting scams. Trust in companies to implement AI responsibly is low, with Australians exhibiting the lowest confidence at 35%, compared to 71% of respondents from India.

Matthew Salier highlighted the evolving threat landscape with the introduction of AI: "As the threat landscape evolves with the introduction of AI, we must equip individuals and organisations in Australia with the tools they need to navigate this complex environment. Our goal is to drive education and resources that empower Australian organisations to take control of their online security."

In response to the findings, Aus3C has launched a new awareness campaign for Cybersecurity Awareness Month. This campaign aims to address complacency and pessimism about cybersecurity by educating individuals and organisations on the importance of personal responsibility for online safety. It will also encourage the adoption of simple but effective cybersecurity practices.