Australians Lead in Ransomware Payments: Sophos Report Reveals High Ransom Payouts
In a recent survey conducted by Spin.AI, it was revealed that ransomware attacks on Australian organisations have shown a decreasing trend, with 54% of organisations being hit compared to 70% in 2023. However, the report also highlighted a concerning increase in the severity and impact of these attacks.
The survey, which included 5,000 cybersecurity and IT leaders from 14 countries, found that 49% of attacks on Australian organisations led to data encryption, a significant figure that represents a slight increase from last year's 17%. Moreover, 66% of the organisations that had data encrypted paid the ransom, the second highest rate reported by any country surveyed.
The average ransom payment in Australia has increased by 297% in the last year, reaching an alarming USD6 million. Interestingly, the average ransom demand made to Australian organisations was USD6.8 million, with 76% of the demands made for USD1 million or more. It's worth noting that nearly half of global organisations with revenue of less than USD50 million received a seven-figure ransom demand in the last year.
The report also shed light on the root causes of these attacks. Compromised credentials were the most common root cause, used in 37% of incidents, followed by exploited vulnerabilities in 32% of incidents.
Recovery from these attacks is proving to be a challenge for Australian organisations. Thirty-three percent of organisations took between one and six months to recover, a significant increase on the 17% last year. The average recovery cost for Australian organisations, excluding ransoms, is USD2.37 million.
Backups have become a prime target for cybercriminals, with 84% of Australian organisations hit by ransomware in the past year saying that the cybercriminals attempted to compromise their backups during the attack. However, 58% of Australian organisations that had data encrypted used multiple recovery methods to get their data back, above the global average of 47%.
The survey also found that Australia had the highest rate of successful backup compromise attempts of any country, with 66% of backup compromise attempts succeeding.
The Sophos State of Ransomware 2024 report serves as a wake-up call for Australian organisations to strengthen their cybersecurity measures and prepare for the increasing sophistication of ransomware attacks. Organisations with between 100 and 5,000 employees and revenue ranging from less than USD10 million to more than USD5 billion were featured in the report.