Australian firms under-reporting ransomware attacks
A recent ransomware report indicates that while Australian organisations are witnessing an increasing number of cyberattacks, a significant proportion are failing to report such incidents to law enforcement. This inadvertently empowers cybercriminals and hinders progress in capturing them.
A state-of-the-art ransomware report compiled by Sophos, a world leader in developing innovative solutions to thwart cyberattacks, revealed that 90% of Australian organisations affected by ransomware reported the incident to law enforcement. Although this might appear to be a promising percentage, it is essential to note that 1 in 10 businesses are concealing their encounters with ransomware, placing this statistic 7% under the global average of 97%.
Sophos's annual 'State of Ransomware 2024' survey further revealed that among the Australian organisations surveyed, only 90% of those hit by ransomware in the last year reported their experiences to law enforcement or official government bodies for assistance, which is the lowest of any country surveyed. Furthermore, these findings illustrate that just over half (59%) of Australian organisations found the process of engaging with law enforcement 'easy' or 'somewhat easy', and a mere 8% considered the process 'very difficult'.
The survey disclosed that impacted Australian institutions received an array of assistance to combat ransomware attacks. Advice on handling ransomware was provided to 55% of organisations, while 62% received help investigating the attack. Moreover, 58% of firms that had data encrypted were supported by law enforcement to recover their data from the ransomware attack, which is on par with the global average.
"Companies have long avoided engaging with law enforcement due to the fear of their attack becoming public. Victim shaming has long been a consequence of an attack. Recent progress is noticeable both within the security community and at government level, and cyber incident reporting regulations appear to have normalised interaction with law enforcement," according to Chester Wisniewski, director, Field CTO, Sophos.
Data from Sophos X-Ops' Active Adversary report highlighted the continued threat of ransomware to small and medium-sized businesses. Their investigation of over 150 global incident response cases in 2023 found that for the fourth consecutive year, ransomware was the most frequently encountered type of attack, occurring in 70% of cases.
Wisniewski further stated, "We need even greater collaboration, both within the private and public sector, to match the scale and efficiency of criminals. Greater cooperation and working alongside law enforcement after an attack are a step in the right direction, but we must move from simply treating the symptoms of ransomware to preventing these attacks in the first place."
FBI Director, Christopher Wray, emphasised the bureau's commitment to working closely with the private sector, recognising their role as both victims and integral partners in sharing valuable information about threats and trends.