Rubrik, a cloud data management company, has revealed almost one-in-three (29%) Australian and New Zealand organizations which fell victim to ransomware attacks in the past two years had paid off the criminal groups responsible to regain access to their data.
This insight emerged from IDC’s A/NZ Ransomware Survey, August 2020, commissioned by Rubrik.
This finding and others were included in an IDC InfoBrief, Building Business Resiliency in Australia and New Zealand Using a Ransomware Remediation Backup Strategy, sponsored by Rubrik. The InfoBrief is based on the A/NZ Ransomware Survey that polled technology and business leaders from more than 150 Australian and New Zealand organizations across a range of industries.
The survey found 18% of A/NZ businesses had fallen victim to a ransomware attack in the past 24 months. From an industry perspective, the sectors hardest hit were banking, financial services and insurance (BFSI), in which 29% of respondents said they’d experienced a ransomware attack, followed by the transport (24%) and education (22%) sectors.
Despite bullishness on the part of respondents about their willingness to pay ransomware attackers – with only 6% saying their organization would consider such a course of action if their data were compromised by ransomware – the reality when confronted with an attack was very different. Of those who had fallen victim to a ransomware attack, 29% of local organizations had paid off the attackers to regain access to their data. This was prevalent in the BFSI (60%) and government (33.3%) sectors.
Jamie Humphrey, Managing Director at Rubrik A/NZ, said the results were a sobering reminder of how important data was to business operations in the digital age.
“Unfortunately, faced with the prospect of either halting operations until data could be restored or paying criminal organizations to have their data returned, a significant number of local businesses thought they had no choice but to pay those holding their data hostage,” he said.
“Ransomware attacks are not only becoming more common, they’re becoming more sophisticated too – one third of local businesses that fell victim to ransomware reported that their backup data was compromised during the attack.
“This shows how important immutable backups and mature backup regimes are to business resiliency. With a comprehensive backup strategy, operations can be up and running within an hour by simply restoring from a point-in-time before an attack without having to engage the criminals.
“Secure backups are the best data insurance policy businesses have against these insidious attacks.”
This sentiment was confirmed in the InfoBrief which found that 89% of A/NZ businesses agreed that ransomware remediation was just as critical as prevention in an effective response strategy.
The findings are bolstered by the Australian Cybersecurity Center’s latest Annual Cyberthreat Report, which not only found that ransomware had become one of the most significant threats facing Australian businesses and governments, but also highlighted how ‘recovering from ransomware is almost impossible without comprehensive backups.’Click below to share this article