
7 out of 10 Australian organisations hit by ransomware in 2022

A new report has revealed the scale of ransomware attacks against Australian businesses in 2022, and while the number of attacks has dropped, their cost has risen markedly.

David Hollingworth
Mon, 15 May 2023

Sophos’ State of Ransomware 2023 report has revealed that 70 per cent of organisations in Australia have been affected by ransomware attacks. The global number is lower, with 64 per cent of organisations in other countries reporting ransomware incidents.

In 2021 the figure was higher, at 80 per cent, so the decrease could be cause for some celebration.

However, what has gone up is the amount of money victims are paying to access their stolen data. In 2021, the average cost of a ransom — determined from the reports of 65 victims — was US$226,863. In 2022, the average cost of paying a ransom has jumped to an alarming US$1,513,436. For this year’s report, 13 companies responded to the survey.


And for those paying, the costs go far beyond the initial ransom.

According to the report, companies that pay a ransom can see their costs double compared to restoring data from backup. On top of that, recovery times are often longer — 45 per cent of organisations globally are back in operation within a week of restoring from backup, compared to 39 per cent of companies that pay up.

“While it’s great to see a decline in the number of Australian organisations victimised by ransomware in 2022 compared to 2021, there is still a long way to go,” said Chester Wisniewski, field chief technology officer at Sophos. “The key to continually lowering this number is to work to aggressively lower both time to detect and time to respond. Human-led threat hunting is very effective at stopping these criminals in their tracks, but alerts must be investigated, and criminals evicted from systems in hours and days, not weeks and months.”

“Experienced analysts can recognise the patterns of an active intrusion in minutes and spring into action. This is likely the difference between the 30 per cent who stay safe and the 70 per cent who do not,” Wisniewski said.

“Organisations must be on alert 24x7 to mount an effective defence these days.”

David Hollingworth


David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
