According to new research from the Ponemon Institute, commissioned by Illumio, Inc., 64% of Australian companies hit with ransomware were forced to halt operations; 43% reported a significant loss of revenue, 42% had to eliminate jobs, and 39% lost customers. The research surveyed 2,547 tech & cyber professionals.

Ransomware attacks continue to wreak havoc on businesses across Australia, significantly disrupting operations and draining revenue streams, according to new research from the Ponemon Institute, commissioned by Illumio, Inc., a leader in breach containment solutions.

Findings from The Global Cost of Ransomware Study reveal that 64% of Australian organisations have been forced to shut down operations following a ransomware attack.
The impact of these cybercrimes has been severe, with 43% of affected companies reporting significant revenue losses, 42% having to eliminate jobs, and 39% losing customers.
Key highlights from the study show just how deeply ransomware is affecting businesses in Australia:
- Critical systems impacted: Ransomware attacks hit 28% of critical systems, with local systems remaining down for an average of 12 hours, among the highest disruptions globally.
- Rising costs in containment and remediation: To combat these attacks, companies are dedicating vast resources. On average, it took 17 people and 134 hours per person to contain and remediate the largest ransomware attack experienced by Australian organisations.
- Reputation damage surpassing legal costs: Nearly 40% of organisations reported significant damage to their brand and reputation as a result of ransomware, surpassing the costs associated with legal and regulatory actions.
- Investment in resilience still lacking: A concerning 39% of businesses in Australia still lack the ability to quickly identify and contain ransomware attacks. Furthermore, only 18% have implemented microsegmentation, a vital cybersecurity control to prevent the spread of breaches.
This places Australian organisations well behind the global average, where 44% of companies in the U.S. have implemented this crucial security measure.
According to Illumio Director of Critical Infrastructure Trevor Dearing, ransomware is now more pervasive and impactful than ever, but not all attacks need result in the suspension of operations or major business failure.
“Organisations need operational resilience, and controls like microsegmentation that stop attackers from reaching critical systems should be non-negotiable,” Dearing said.
“By containing attacks at the point of entry, organisations can protect critical systems and data, and save millions in downtime, lost business, and reputational damage,” he said.
Operational technology and hybrid environments remain weak links, with attackers exploiting unpatched systems
The increased connectivity of business systems and devices is making it harder for organisations to defend against ransomware attacks.
Organisations perceive operational technology as being the most vulnerable to ransomware (41%), followed by the cloud (39%) and endpoint devices (39%). Twenty-eight percent also say a lack of visibility across hybrid environments makes it difficult to respond to ransomware attacks.
Desktops and laptops remain the most compromised devices (46%), with Remote Desktop Protocol (RDP) and phishing cited as top entry points for ransomware.
Most attacks moved across the network to infect other devices. In over half of these cases (55%), attackers exploited unpatched systems to move laterally and escalate system privileges.
Organisations are investing heavily in ransomware defence, but efforts are falling short
According to the research, nearly a third of IT budgets (31%) are allocated to staff and technologies meant to prevent, detect, contain, and resolve ransomware attacks, yet attacks are still successful.
Ninety-one percent of organisations have fallen victim to a ransomware attack, despite 56% being confident in their security posture.
Organisations are also taking a chance on ransomware recovery and failing. Forty-seven percent of respondents believe having a full and accurate backup is a sufficient defence against ransomware. Yet only 10% were able to recover all impacted data following a ransomware attack.
The report also highlighted significant organisational challenges faced by Australian businesses in defending against ransomware attacks and underscored critical gaps in reporting, employee preparedness, and the slow adoption of artificial intelligence (AI) in combating this growing cyber threat.
- Ransomware reporting is still not happening: 71% of those that experienced a ransomware attack didn’t report it to law enforcement. Top reasons for not reporting include fear of retaliation (43%); being up against a payment deadline (37%); and not wanting to publicise the incident (31%).
- Employees remain a weak link in security: Only 45% are confident in the ability of employees to detect social engineering lures, and insider negligence is the top challenge when responding to ransomware attacks.
- Organisations are slow to adopt AI to combat ransomware: Only 35% of Australian companies have specifically adopted AI to help combat ransomware – the lowest of any country. More (46%) are concerned their organisation may experience an AI-generated ransomware attack.
The research surveyed 2,547 IT and cybersecurity practitioners across six countries: the United States, the United Kingdom, Germany, France, Australia, and Japan.