ExtraHop Reveals 85% of Australian Businesses Were Hit by Ransomware in the Last 5 Years, 72% Trying to Keep It Quiet


Share on facebook
Share on twitter
Share on linkedin

StollzNow Research’s ExtraHop Cyber Confidence Index – Asia Pacific Report 2022 gives insight on differences in how Australian IT decision makers (ITDMs) view their existing security procedures, as well as the grim reality of the ransomware attack environment.

It demonstrates that both external and internal sense of security can be misleading.

Key findings of the report include:

  • In Asia Pacific, 85% of organisations have been breached by ransomware at least once in the last five years, yet just 28% have publicly revealed the incident.
  • Externally, 72% of businesses will try to keep a ransomware assault a secret, telling few if any people and doing everything they can to keep it hidden.
  • More attacks than we might assume: Only 15% of Australian respondents indicated they had no ransomware occurrences in the previous five years; 53% had 1-5 assaults, and 32% had 6 or more. However, 22% of organisations would not disclose breaches regardless, implying that the proportion of organisations impacted by ransomware is likely much greater.
  • Disagreements between IT specialists and corporate leaders: Only 28% of Australian organisations make ransomware attacks public and transparent; 50% tell some people but keep it a secret to the public; and 22% tell no one. This is contrary to the preferences of IT security personnel, 66% of whom feel it is better to be honest and transparent about ransomware attacks.
  • Australian businesses are less worried about government action: While the threat of legal action and sanctions can encourage senior management to act on cybersecurity in some jurisdictions, just 64% of Australian respondents agree with this assertion, compared to their Asia Pacific counterparts.
  • However, the recent ASIC v RI Advice decision established a precedent in which regulated organisations would be breaking the law if they did not appropriately manage their cybersecurity risks. If regulated firms fail to demonstrate good cybersecurity resilience, ASIC will intervene, and the financial services industry can expect fines and legal action.
  • Under-resourcing: 5% of Australian organisations do not have dedicated internal or external cybersecurity staff. A very large number of organisations lack fundamental cybersecurity protection. Being a member of this group is cause for concern.
  • Slow reaction times to vulnerabilities: Only 31% of teams can implement mitigations or apply a patch (when available) in less than a day, with 42% taking one to three days, 17% taking a week, and 6% taking a month or more.


Take action:

  • Network detection and response: Only 36% of businesses have invested in network detection and response systems. Gridware’s Cyber Security Strategy evaluates your organisation’s existing security and defences, as well as determining where you need to be to proactively avoid and identify attacks to your firm.
  • Social engineering response: Only 30% of organisations have a social engineering strategy in place, and less than half (46%) teach employees to recognise social engineering signs. You can use Gridware’s Social Engineering Services to assess how well your systems and staff recognise and respond to phishing attacks.
  • Threat training and identification: 43% intend to adopt staff threat training, while 50% intend to increase the speed with which threats are identified. We offer in-house training courses for your employees to educate them on phishing prevention, social engineering, and best practises in cyber defence.
Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235

Emergency Assistance

Under Attack?

Please fill out the form and we will respond ASAP. Alternatively, click the button to call us now.