Mr Morrison said the cyber attacks were widespread, covering “all levels of government” as well as essential services and businesses.
He declined to identify a specific state actor and said no major personal data breaches had been made.
The attacks have happened over many months and are increasing, he said.
The prime minister said his announcement on Friday was intended to raise public awareness and to urge businesses to improve their defences.
But he stressed that “malicious” activity was also being seen globally, making it not unique to Australia.
Morrison did not name specific cases but said it had spanned “government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure”.
He did not give further details. Previously, defence manufacturers, government contractors and accounting firms have been among those to report data breaches.
Last year, the Australian National University said it had been hacked by a sophisticated operation which had accessed staff and student details.
Australia’s main political parties and parliament were hit by a “malicious intrusion” earlier in 2019, also attributed to a “sophisticated state actor”. (Courtesy BBC)