90% of Australian Organisations Hit by Ransomware Worked with Law Enforcement
Posted: Thursday, May 09

Sophos today released additional findings from its annual “State of Ransomware 2024” survey. According to the report, among Australian organisations surveyed, 90% of those hit by ransomware over the past year reported the attack to law enforcement and/or official government bodies and received help dealing with the attack – the lowest of any country surveyed.

In addition, more than half (59%) of Australian organisations that did engage with law enforcement found the process easy or somewhat easy. Only 8% of those surveyed said the process was very difficult.

Based on the survey, impacted Australian organisations received a range of assistance with ransomware attacks. Fifty-five percent reported they had received advice on dealing with ransomware, while 62% received help investigating the attack. Fifty-eight percent of those that had their data encrypted received help from law enforcement to recover their data from the ransomware attack, in line with the global average.

“Companies have traditionally shied away from engaging with law enforcement for fear of their attack becoming public. If they are known to have been victimised it could impact their business reputation and make a bad situation worse. Victim shaming has long been a consequence of an attack, but we’ve made progress on that front, both within the security community and at the government level. New regulations on cyber incident reporting, for example, appear to have normalised engaging with law enforcement, and this survey data shows organisations are taking steps in the right direction,” said Chester Wisniewski, director, Field CTO, Sophos. “If the public and the private sectors can continue to galvanise as a group effort to help businesses, we can continue to improve our ability to recover quickly and gather intelligence to protect others or even potentially hold those conducting these attacks responsible.”

Recent in-the-field findings from Sophos X-Ops’ Active Adversary report highlighted the continued threat of ransomware to small- and medium-sized businesses. Data from more than 150 global incident response (IR) cases in 2023 found that ransomware was, for the fourth year running, the most frequently encountered attack type, occurring in 70% of IR cases Sophos X-Ops investigated.

“While improving cooperation and working with law enforcement after an attack are all good developments, we need to move from simply treating the symptoms of ransomware to preventing those attacks in the first place. Our most recent Active Adversary report showed that many organisations are still failing to implement key security measures that can demonstrably reduce their overall risk profile; this includes patching their devices in a timely manner and enabling multi-factor authentication. From the law enforcement side, while they have had some recent successes with takedowns and arrests from LockBit to Qakbot, these successes have proven to be more akin to temporary disruptions than longer term or permanent wins.

“Criminals are successful in part due to the scale and efficiency with which they operate. To beat them back, we need to match them in both these areas. That means that, going forward, we need even greater collaboration, both within the private and public sector—and we need it at a global level,” said Wisniewski.

“Today’s threat environment is constantly evolving—and it’s more severe and more complex than ever before. The bad guys aren’t constrained by international borders, so we shouldn’t be, either.

“At the Bureau, we’ve been doubling down in particular on our work with the private sector, in their capacity as victims of cyberattacks, of course, because the mission of the FBI always has been—and always will be—victim-centric—but also as integral partners, who can share valuable information about threats and trends, and, increasingly, join in our operations themselves,” said Christopher Wray, FBI director.

Data for the State of Ransomware 2024 report comes from a vendor-agnostic survey of 5,000 cybersecurity/IT leaders conducted between January and February 2024. Respondents were based in 14 countries across the Americas, EMEA and Asia Pacific, including 330 respondents from Australia. Organisations surveyed had between 100 and 5,000 employees, and revenue ranged from less than $10 million to more than $5 billion.
