Australian businesses becoming ransomware repeat victims

Tuesday, 04 April, 2023

A new report shows that Australian organisations are increasingly falling prey to successful ransomware attacks — in many cases, multiple times.

The 2023 Ransomware Insights report from Barracuda Networks is based on data drawn from surveyed IT professionals across the US, EMEA and APAC. It found that 69% of organisations surveyed in Australia were hit once in 2022, with 33% facing two or more attacks. Those that were hit multiple times were more likely to have paid the ransom — 30% of those hit two times or more paid the ransom to restore encrypted data, compared to 23% of victims of a single attack. They were also less likely to use a data backup system to help them recover.

There were significant variations in the industries targeted by ransomware globally. For example, 98% of consumer services and 85% of energy, oil/gas and utility organisations experienced at least one ransomware attack. The energy, oil/gas and utility industry was also the most likely (at 53%) to report two or more successful ransomware incidents.

The findings show that for 69% of organisations in Australia, the ransomware attack started with a malicious email, such as a phishing email designed to steal credentials that would allow the attackers to breach the network. Web applications and traffic are in second place and represent an area of growing risk as part of an ever-expanding threat surface.

Globally, organisations with cyber insurance were more likely to be affected by ransomware — 77% of organisations with cyber insurance were hit with at least one successful ransomware attack, compared to 65% without cyber insurance.

The research also found that 27% of the organisations surveyed globally feel they are not fully prepared to deal with a ransomware attack.

“The number of organisations affected by ransomware in 2022 likely reflects the widespread availability of low-cost, accessible attack tools through ransomware-as-a-service offerings,” said Fleming Shi, CTO, Barracuda.

“The relatively high proportion of repeat victims suggests that security gaps are not fully addressed after the first incident. The security industry has an essential role to play in helping organisations to defend themselves against ransomware, through deep, multilayered security technologies that include advanced email protection and backup as well as threat hunting and extended detection and response (XDR) capabilities to stop malicious activity in its tracks.”

The full report is available for download here.

Image credit: iStock.com/Boonrit Panyaphinitnugoon