ChannelLife Australia logo
Industry insider news for Australia's technology resellers
Story image

80% of Australian organisations hit with ransomware in 2021

By Shannon Williams
Wed 4 May 2022

Eighty percent of Australian organisations surveyed were hit with ransomware in 2021, up from 45% in 2020, according to a new survey. 

Sophos released its annual survey and review of real-world ransomware experiences in the State of Ransomware 2022.

According to the survey, the average ransom paid by organisations that had data encrypted in their most significant ransomware attack, was US$226,863, with 43% paying between US$100,000 US$499,999. Forty-three per cent of the organisations that had data encrypted paid the ransom to get their data back, even if they had other means of data recovery, such as backups.

The report summarises the impact of ransomware on 5,600 mid-sized organisations in 31 countries across Europe, the Americas, Asia-Pacific and Central Asia, the Middle East, and Africa, with 965 sharing details of ransomware payments. This included 250 in Australia, of whom 65 shared details of ransomware payments.

"Alongside the escalating payments, the survey shows that the proportion of victims paying up also continues to increase, even when they may have other options available," says Chester Wisniewski, principal research scientist at Sophos. 

"There could be several reasons for this, including incomplete backups or the desire to prevent stolen data from appearing on a public leak site," he says.

"In the aftermath of a ransomware attack there is often intense pressure to get back up and running as soon as possible. Restoring encrypted data using backups can be a difficult and time-consuming process, so it can be tempting to think that paying a ransom for a decryption key is a faster option. Its also an option fraught with risk. 

"Organisations don't know what the attackers might have done, such as adding backdoors, copying passwords and more. If organisations don't thoroughly clean up the recovered data, they will end up with all that potentially toxic material in their network and potentially exposed to a repeat attack."

The main findings of the State of Ransomware 2022 survey for Australia, which covers ransomware incidents experienced during 2021, as well as related cyber insurance issues, include:

  • Organisations are fighting back 99% of respondents have made changes to their cyber defences over the last year to improve their insurance position. Globally, 97% made changes with 64% implementing new technology/services, 56% increasing staff training and education activities, and 52% changing their processes and behaviours.
  • Backups were the #1 method used for restoring data 70% of Australian respondents whose data was encrypted used this approach, 43% paid the ransom. By comparison, globally 73% of respondents used backups and 46% paid the ransom to restore data.
  • Seventy-nine per cent of attacks resulted in data being encrypted This is notably higher than the global average of 65%, and a slight increase from the 74% reported by respondents in Australia in 2020. Ninety-nine per cent of those whose data was encrypted got some of their data back. This aligns with the global results where 99% reported getting at least some of their data back.

 
The impact of a ransomware attack can be immense The average cost to recover from a ransomware attack in 2021 was US$1.01 million. Australian organisations took on average one month to recover from the attack. Eighty-eight per cent of organisations said the attack had impacted their ability to operate, while 86% reported the ransomware attack caused their organisation to lose business/revenue.
 
Many organisations rely on cyber insurance to help them recover from a ransomware attack 91% of respondents in Australia said their organisation has cyber insurance that covers them if they are hit by ransomware, however 53% said the level of cybersecurity needed to qualify for insurance is higher, 50% said cybersecurity policies are now more complex, 39% said the process takes longer, and 36% reported that it is more expensive.
 
"The findings suggest we may have reached a peak in the evolutionary journey of ransomware, where attackers greed for ever higher ransom payments is colliding head on with a hardening of the cyber insurance market as insurers increasingly seek to reduce their ransomware risk and exposure," says Wisniewski. 

"In recent years, it has become increasingly easy for cybercriminals to deploy ransomware, with almost everything available as-a-service. 

"Second, many cyber insurance providers have covered a wide range of ransomware recovery costs, including the ransom, likely contributing to ever higher ransom demands," he says. 

"However, the results indicate that cyber insurance is getting tougher and in the future ransomware victims may become less willing or less able to pay sky high ransoms. 

"Sadly, this is unlikely to reduce the overall risk of a ransomware attack. Ransomware attacks are not as resource intensive as some other, more hand-crafted cyberattacks, so any return is a return worth grabbing and cybercriminals will continue to go after the low hanging fruit."

Sophos recommends the following best practices to help defend against ransomware and related cyberattacks

  • Install and maintain high-quality defenses across all points in the organisations environment. Review security controls regularly and make sure they continue to meet the organisations needs
  • Proactively hunt for threats to identify and stop adversaries before they can execute their attack if the team lacks the time or skills to do this in house, outsource to a Managed Detection and Response (MDR) specialist
  • Harden the IT environment by searching for and closing key security gaps: unpatched devices, unprotected machines, open RDP ports, etc. Extended Detection and Response (XDR) solutions are ideal for this purpose
  • Prepare for the worst. Know what to do if a cyber incident occurs and keep the plan updated
  • Make backups, and practice restoring from them so that the organisation can get back up and running as soon as possible, with minimum disruption
Related stories
Top stories
Story image
Hawaiki Cable
BW Digital completes acquisition of Hawaiki Submarine Cable
BW Digital has completed its full acquisition of Hawaiki Submarine Cable, with all applicable regulatory filings and approvals now received.
Story image
Adyen
Adyen expands partnership with Afterpay as BNPL payments increase
Adyen has expanded its partnership with AfterPay allowing more of Adyen’s merchants in more countries worldwide to use the BNPL provider.
Story image
SaaS
Atturra partners with Focus HQ to support Aus organisations
Atturra has executed a partnership agreement with Focus HQ, to resell and support the company's Australian developed SaaS-based portfolio management platform.
Story image
Review
Hands-on review: MSI MPG Z690 Carbon WIFI motherboard
It’s all change with Intel’s 12th generation CPUs. We have a new chipset in the 600-series, a new socket with the LGA 1700, and new DDR5 memory.
Story image
Poly
Poly introduces new smart devices and announces Amazon e-store in Australia
Poly is introducing two new pro-grade devices to the market and announcing its first official Australian e-store on Amazon.
Story image
Artificial Intelligence
Updates from Google Workspace set to ease hybrid working troubles
Google Workspace has announced a variety of new features which will utilise Google AI capabilities to help make hybrid working situations more efficient and effective.
Story image
Mobility
Hands-on review: STM laptop bags
The advent of hybrid working has meant we need laptop bags. We got our hands on two of the most popular laptop bags from STM.
Story image
Data
Aussie data & analytic execs not confident in data strategy
Less than half of Australian data and analytics leaders are confident in their data strategy as siloes and lack of culture prevent innovation.
Story image
Cybersecurity
Three key security challenges facing the Australian insurance industry 
Insurance companies must ensure they proactively address security challenges and protect the privacy of customer data.
Story image
Manufacturing
$1 million in cyber skills to stop $100 million in cybercrime
"It is important that the next generation across all industries, including manufacturing, are skilled in cybersecurity."
Story image
Microsoft
Microsoft unveils three new security managed services
Security Experts includes three new managed services, Defender Experts for Hunting, Defender Experts for XDR, Security Services for Enterprise.
Story image
Application Security
What are the DDoS attack trend predictions for 2022?
Mitigation and recovery are vital to ensuring brand reputation remains solid in the face of a Distributed Denial of Service (DDoS) attack and that business growth and innovation can continue.
Story image
Malware
Use of malware, botnets and exploits expands in Q1 2022
"As zero-day attacks and other vulnerabilities among companies like Google and Microsoft come to light, threat actors are quickly adjusting their tactics."
Story image
D-Link
D-Link launches new G415 Smart Router as part of EAGLE PRO AI range
D-Link A/NZ has announced the launch of its new G415 AX1500 4G Smart Router as part of the new EAGLE PRO AI Series.
Story image
Ransomware
Cybersecurity starts with education
In 2021, 80% of Australian organisations responding to the Sophos State of Ransomware study reported being hit by ransomware. 
Story image
Hybrid Cloud
Hewlett Packard Enterprise hosts Channel Reignite sessions
Hewlett Packard Enterprise (HPE) hosted its HPE Channel Reignite sessions in Sydney and Melbourne last month to reconnect with the channel partner community.
Story image
Review
Hands-on review: Amazon Kindle Paperwhite Signature Edition
In almost every respect it works like a book, apart from the fact that it weighs next to nothing, fits in my hand perfectly, and is soothing on my eyes.
Story image
Firewall
Sophos named Gartner Peer Insights Customers Choice for network firewalls
The company earned the highest overall customer rating among vendors with at least 150 verified customer reviews.
Story image
Artificial Intelligence
Google to enter the smartwatch market with the Google Pixel Watch
Google has provided a first look at its new Google Pixel Watch, which is set to make an entry into the competitive smartwatch market.
Story image
Phishing
Google reveals new safety and security measures for users
Google's new measures include automatic two step verification, virtual cards and making it easier to remove contact information on Google Search results.
Story image
Artificial Intelligence
SecureCo and IBM partner to deliver Intelligent Voice Platform
The partnership addresses the growing number of businesses seeking to digitally transform, by enabling operational optimisation and adaptive CX.
Story image
Fortinet
Fortinet sees 34% revenue increase in latest financial results
Fortinet has released its financial results for the first quarter ended March 31, 2022, seeing a total revenue increase of 34.4% compared to the same quarter last year.
Story image
Wireless
Sony to bring new 1000X series WH-1000XM5 headphones to the market
Sony has announced the newest edition of its award-winning wireless headphones, with the 1000X series WH-1000XM5 noise-cancelling model.
Story image
Cybersecurity
HackerOne launches Attack Resistance Management solution
HackerOne has launched Attack Resistance Management - a new category of security solution that targets the root causes of the attack resistance gap. 
Story image
Fastly
Fastly named 2022 Gartner Peer Insights Customers’ Choice
Fastly has announced it has been named a Customers' Choice in the 2022 Gartner Peer Insights "Voice of the Customer": Global CDN.
Story image
Sift
Sift shares crucial advice for preventing serious ATO breaches
Are you or your business struggling with Account Takeover Fraud (ATO)? One of the latest ebooks from Sift can provide readers with the tools and expertise to help launch them into the new era of account security.
Story image
Red Hat
Red Hat expands capabilities to provide streamlined application development in cloud
"Application development is undergoing significant change and developers need tools to support this transformation."
Story image
Jabra
Jabra reveals its latest portable headset Engage 55
Jabra has launched the Engage 55, the newest product in Jabra's Engage series designed for ultimate call security and quality.
Story image
Logistics
TeamViewer and SAP combine AR and warehouse operations
TeamViewer combines its AR platform, Frontline, with SAP's Extended Warehouse Management solution, to make warehouse and logistics operations more efficient.
Story image
Gaming
Mastercard users can now use rewards points in gaming
Mastercard has launched Mastercard Gamer Xchange (MGX), allowing APAC consumers to convert their rewards points into gaming currency.
Story image
Hybrid Cloud
Red Hat and Accenture expand alliance for hybrid cloud
Red Hat and Accenture have announced the expansion of their partnership, collaborating on new offerings to assist businesses in their cloud continuum operations.
Story image
Training
Fortinet training edges toward closing cybersecurity gap
The Fortinet Training Institute has made significant progress in closing the cybersecurity skills gap, on track to train one million people by 2026.
Story image
Manufacturing
HINDSITE wins Aerospace Xelerated Pitch Challenge with solution to support Boeing
Brisbane-based startup HINDSITE was the winner of the first ever Pitch Challenge organised by Aerospace Xelerated in partnership with Queensland XR Hub. 
Story image
Application Performance Monitoring / APM
Why SolarWinds Partners will have big wins in 2022
We summarise the key recent changes that the monitoring software vendor has made to accelerate its channel business.
Story image
VPN
Palo Alto Networks says ZTNA 1.0 not secure enough
Palo Alto Networks is urging the industry to move to Zero Trust Network Access 2.0 because previous versions have major gaps in security protection.
Story image
Tech Data
Tech Data to use Pluribus Networks’ cloud solutions in APAC
Tech Data says using Pluribus Networks' Unified Cloud Fabric solution will be a "game-changer" for its data center infrastructure customers and partners.
Story image
Ransomware
Zerto unveils updates to ransomware recovery capabilities
"Organisations face increased risks from the volume and sophistication of ransomware attacks prevalent today."
Story image
Wireless
Hands-on review: Technics EAH-A800 Noise Cancelling Wireless Headphones
Designed in Osaka, Japan, these headphones just exude quality. They aren’t heavy, but they feel well built and solid.
Story image
Open banking
A look at the rewards and risks of open banking - report
RiskBusiness says its report on open banking finds that while it holds much potential, financial services firms need to ensure they have robust, risk processes.
Story image
Telstra
Telstra and Silver Trak Digital delivers 5G to the cinemas
Telstra and Silver Trak Digital say they've launched Australia's fastest and most secure delivery of content over 5G for cinemas.
Story image
Corsair
Hands-on review: Corsair 32GB Vengeance 5200MHz DDR5 DRAM kit
Corsair’s Vengeance 5200MHz DDR5 DRAM offers PC users an entry-level upgrade to the new memory standard allowing them to get a little bit more out of their new Alder Lake CPUs.
Story image
Appian
Appian awarded billions in damages against Pegasystems Inc.
Appian has been awarded USD$2.036 billion in damages against Pegasystems Inc as the result of a jury verdict in the Circuit Court for Fairfax County, Virginia.
Story image
Microsoft
Microsoft unveils adaptive accessories for disability access
Microsoft is introducing an expansive Inclusive Tech Lab to give people with disabilities greater access to technology through new software features and adaptive accessories.
Story image
Artificial Intelligence
ANU and Seeing Machines to use AI to improve driver safety
The Australian National University and Seeing Machines have won a grant to develop AI systems monitor human behaviour while driving.