Aussie orgs most likely to pay ransomware attackers: IDC

Australian organisations are the most willing in the world to pay a ransom if they were hit by a ransomware attack, according to a new report by analyst firm IDC.

The firm’s ‘Will Your Organization Pay the Ransomware? Survey Says …’ survey showed that 60 percent of Australian companies would be willing to pay a ransom, as compared to 49 percent for both the second and third most likely countries, Brazil and Singapore, respectively.

“The IDC Survey finding aligns with an earlier report by the ABC on Australian companies forced to make payments to hackers as the country comes under the threat of increasing cybercrime attacks,” IDC ANZ research manager John Feng explained to CRN.

Just last month, the Kaseya ransomware attack saw a record high ransom demand at US$70 million (~AU$95 million), and in June, JBS foods paid the $14.1 million ransom demanded following an attack.

Australian organisations have seen a 200 percent increase in reported ransomware attacks in recent times, with an estimated $1 billion cost to the economy

Feng explained what made Australian orgs so vulnerable and why they may be more likely to fork out to get their systems back up and running.

“There are a couple of factors that underlie Australia’s higher propensity to pay under a ransomware attack. Australia is a keen adopter of technology, that means data and IT infrastructure forms a reasonably significant portion of the base foundation on which businesses operate,” he explained.

“Within Australia, there exists a dichotomy of cybersecurity awareness and preparedness, with one end being on the forefront of cyber resiliency and implementing top-notch cyber products and practices, while the other end of the market is more complacent and tends to view cybersecurity investment primarily on a cost basis. 

“In more recent years overall cybersecurity awareness has improved, but catching up with effective preventative and remediation measures takes time.”

In another study by IDC, the ‘Future Enterprise Resiliency Survey’, only 82.4% of APeJ organisations who paid the ransom following an attack managed to retrieve a working decryption key, meaning almost 20% paid the ransom but got nothing in return.

The analyst firm added that the rise of cyber insurance in APEJ also contributes to the willingness to pay during a ransomware attack. In fact, 40 percent of Aussie orgs are either expecting to pay entirely or partly via insurance.

Feng added that Australia’s approach to digital transformation may be in part to blame for the country’s vulnerability to attacks.

“Another factor that is further complicating the situation is the stage at which Australian businesses are progressing in their digital transformation journey. Australian businesses have been actively transforming digitally, but on average, the effort has predominantly been departmental,” he said.

“The COVID disruptions exposed gaps in business operations and companies are investing in building enterprise-wide operational visibility and resiliency. An “in progress” status in cyber and operational resiliency leaves the market susceptible to the steep increase in cyberattacks. With parts of the business relying on digital to operate but the business as a whole lacking enterprise-wide readiness to cyber incidents response, businesses face significant operational disruptions once breached.”

Feng said that to truly establish resilience, Australian businesses will need to develop an understanding of cybersecurity as a whole, despite the skills shortages the country is facing.

“The Australian market is investing in reducing business risks and is increasingly taking a holistic approach over cybersecurity. Constrained by cybersecurity skills available, the market is looking at ways to improve the efficiency and effectiveness in managing cybersecurity, including implementing automation and adopting external services. 

“To achieve resiliency at enterprise level, in addition to the adoption of technologies it also requires the comprehensive understanding of business processes and scenarios. Only when technological excellence is combined with in-depth operational understanding can businesses achieve a high level of resiliency facing the increasingly widespread and sophisticated ransomware attacks.”

The Federal Government is currently debating a ransomware attack disclosure bill, akin to the data breach law that was put in place in 2018. Got a news tip for our journalists? Share it with us anonymously here.

Copyright © CRN Australia. All rights reserved.Tags:idcsecurity

Leave a Reply

Your email address will not be published. Required fields are marked *