Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
A new CrowdStrike report illustrates that while many Aussie organisations say they’re ready for a ransomware attack, too many are still taking too long to recover once they are targeted.
Ransomware attacks are becoming an all too common occurrence in Australia, with businesses large and small coming under fire from a wide array of hacking groups.
As many experts commonly say, it’s not a matter of “if” an organisation is going to be attacked, but “when”, highlighting the inevitability of network compromise.
That being the case, many organisations plan ahead for a ransomware attack or similarly disruptive network intrusion. They have a playbook, they might run through tabletop exercises, and while this may give a sense of security, new research from CrowdStrike suggests that while many Australian companies think they’re ready, the truth is that they’re really not.
Fifty-five per cent of Australian and New Zealand respondents to CrowdStrike’s 2025 State of Ransomware Survey said they were “very prepared” to respond to a ransomware strike, but the reality is that ANZ organisations are among the slowest in the world to recover from such an attack.
Eighty-six per cent of ANZ organisations said they expect to recover from an attack within 24 hours, but the reality is quite different, with only 9 per cent of entities able to match that expectation.
UK organisations, on the other hand, are world leaders in fast recovery, with 35 per cent managing to recover from a ransomware attack within 24 hours, followed by Germany at 25 per cent, France at 23 per cent, and the United States at 17 per cent.
The ANZ was the third-most targeted region in the world, with 78 per cent of respondents having fallen victim to a ransomware attack in the last year, placing behind Germany at 89 per cent and the US at 81 per cent.
The survey – which polled 1,100 senior IT and cyber security leaders, with 100 from the ANZ region – found that AI was increasingly part of the attack chain, with 87 per cent of respondents globally reporting that social engineering attacks had become more convincing and thus harder to detect. Forty-nine per cent of ANZ respondents agreed, with one Australian executive commenting on just how quickly compromise can occur.
“We underestimated how quickly hackers could move,” the anonymous C-suite executive said.
“Our security investments failed to keep pace with growing threats.”
When compromise does occur, the costs can quickly escalate. On average, the global cost of downtime following a single attack is US$1.7 million. Worse, while paying a ransom may seem like the shortest path to recovery, paying a hacker doesn’t always lead to a positive outcome.
Ninety-three per cent of organisations that paid a ransom suspected their data was compromised anyway, while 83 per cent said they were targeted a second time despite paying up.
You can read CrowdStrike’s 2025 State of Ransomware Survey here.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
