Close this search box.

ExtraHop Reveals 85% of Australian Businesses Were Hit by Ransomware in the Last 5 Years, 72% Trying to Keep It Quiet


StollzNow Research’s ExtraHop Cyber Confidence Index – Asia Pacific Report 2022 gives insight on differences in how Australian IT decision makers (ITDMs) view their existing security procedures, as well as the grim reality of the ransomware attack environment.

It demonstrates that both external and internal sense of security can be misleading.

Key findings of the report include:

  • In Asia Pacific, 85% of organisations have been breached by ransomware at least once in the last five years, yet just 28% have publicly revealed the incident.
  • Externally, 72% of businesses will try to keep a ransomware assault a secret, telling few if any people and doing everything they can to keep it hidden.
  • More attacks than we might assume: Only 15% of Australian respondents indicated they had no ransomware occurrences in the previous five years; 53% had 1-5 assaults, and 32% had 6 or more. However, 22% of organisations would not disclose breaches regardless, implying that the proportion of organisations impacted by ransomware is likely much greater.
  • Disagreements between IT specialists and corporate leaders: Only 28% of Australian organisations make ransomware attacks public and transparent; 50% tell some people but keep it a secret to the public; and 22% tell no one. This is contrary to the preferences of IT security personnel, 66% of whom feel it is better to be honest and transparent about ransomware attacks.
  • Australian businesses are less worried about government action: While the threat of legal action and sanctions can encourage senior management to act on cybersecurity in some jurisdictions, just 64% of Australian respondents agree with this assertion, compared to their Asia Pacific counterparts.
  • However, the recent ASIC v RI Advice decision established a precedent in which regulated organisations would be breaking the law if they did not appropriately manage their cybersecurity risks. If regulated firms fail to demonstrate good cybersecurity resilience, ASIC will intervene, and the financial services industry can expect fines and legal action.
  • Under-resourcing: 5% of Australian organisations do not have dedicated internal or external cybersecurity staff. A very large number of organisations lack fundamental cybersecurity protection. Being a member of this group is cause for concern.
  • Slow reaction times to vulnerabilities: Only 31% of teams can implement mitigations or apply a patch (when available) in less than a day, with 42% taking one to three days, 17% taking a week, and 6% taking a month or more.


Take action:

  • Network detection and response: Only 36% of businesses have invested in network detection and response systems. Gridware’s Cyber Security Strategy evaluates your organisation’s existing security and defences, as well as determining where you need to be to proactively avoid and identify attacks to your firm.
  • Social engineering response: Only 30% of organisations have a social engineering strategy in place, and less than half (46%) teach employees to recognise social engineering signs. You can use Gridware’s Social Engineering Services to assess how well your systems and staff recognise and respond to phishing attacks.
  • Threat training and identification: 43% intend to adopt staff threat training, while 50% intend to increase the speed with which threats are identified. We offer in-house training courses for your employees to educate them on phishing prevention, social engineering, and best practises in cyber defence.
Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235


Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →



Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution



A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →