Over half of ANZ organisations hit by ransomware

The ransomware threat is showing no signs of abating in Australia and New Zealand (ANZ), with over half of organisations in both countries reportedly hit by a ransomware attack in the prior six months, a new study has found.

Commissioned by Cohesity, Tenable and BigID, and conducted by Censuswide in late April 2023, the study also found that 94% of respondents felt the threat of ransomware attacks to their industry had increased in 2023 compared with last year, with 79% concerned about their organisation’s cyber resilience strategy in mitigating cyber threats.

A key aspect of cyber resilience is the ability to recover from cyber attacks. In ANZ, over 99% of respondents revealed they would need more than 24 hours to recover data and business processes if a cyber attack occurred. Eight in 10 said it would take more than four days, while almost half of respondents said over a week would be required.

Unsurprisingly, seven in 10 respondents lacked full confidence that their company could recover their data and critical business processes in the event of a system-wide cyber attack.

Diving deeper into cyber resilience and data recovery expectations versus reality, 95% of respondents said their organisation would consider paying a ransom, with almost four in five (78%) believing their organisation would pay a ransom if they could recover data and business processes or recover faster.

“Organisations cannot afford to be offline and unable to maintain operations, especially for more than a day,” said Michael Alp, managing director of Cohesity ANZ. “However, the stark reality is that many organisations are vulnerable to leverage from cyber criminals because they are incapable of rapidly recovering their data and business processes when necessary.

“Therefore, it’s no surprise that less than 5% of respondents said their organisation would not consider paying a ransom to maintain business continuity, and that the vast majority of respondents believe their organisation would pay cyber criminals a ransom,” he added.

Recovering from a ransomware attack requires IT and security teams to work closely together, which is not always the case. The lack of coordination between IT and security was a barrier to recovery for a third of ANZ respondents, among other challenges such as a lack of timely and detailed alerts (32%) and a lack of a recent, clean, immutable copy of data (30%).

Just under half of ANZ respondents appeared to be confident that their data on the cloud was protected compared with data stored on-premise, for which just one in six felt were being protected.

The heightened threat of ransomware has been driving up demand for cyber insurance, with 75% of respondents confirming their organisations have cyber insurance. However, nearly half claimed it is now harder to obtain cyber insurance than it was in 2020.

The respondents also noted that the three most critical technologies or capabilities required to secure cyber insurance were strong encryption (39%), multi-factor authentication (37%) and the ability to verify the integrity of backups (34%).

“IT and SecOps must co-own organisations’ cyber resilience outcomes to identify sensitive data and protect, detect, respond and recover from cyber attacks,” said Alps.

“Relying on traditional backup and recovery systems, which lack modern data security capabilities, in today’s sophisticated cyber threat landscape is a recipe for disaster. Instead, organisations should seek out data security and management platforms that integrate with their existing cyber security solutions, and provide visibility into their security posture and improve cyber resilience.”