SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers

Veeam report finds 69% of firms hit by ransomware in past year

Today

Veeam has published its 2025 Ransomware Trends and Proactive Strategies Report, highlighting ongoing cyber-attack challenges faced by global organisations.

The report, based on a survey of 1,300 organisations including respondents from Australia, indicates that nearly 69% of companies were impacted by ransomware in the past year. This figure represents a slight improvement compared to the previous year's 75%, a drop attributed to enhanced preparation and resilience tactics and closer collaboration between IT and security teams.

Despite these improvements, cyber threats remain prevalent and highly adaptable. Veeam's research found that the preparedness perceived by businesses often falls short of reality, particularly after an incident has occurred. Among Australian organisations, perceived preparedness dropped by 17% following a ransomware attack, and only 43% of businesses felt completely prepared or prepared post-incident. The report also notes that over 70% of Australian businesses lacked a detailed plan for containment or isolation in their ransomware response strategies, and fewer than two in ten have a defined process for making ransom payment decisions.

According to Anand Eswaran, Chief Executive Officer of Veeam, "Organisations are improving their defences against cyberattacks, yet 7 out of 10 still experienced an attack in the past year. And of those attacked, only 10% recovered more than 90% of their data, while 57% recovered less than 50%. Our latest findings clearly indicate that the threat of ransomware will continue to challenge organisations throughout 2025 and beyond."

He added: "As the nature and timing of attacks evolve, it is essential for every organisation to transition from reactive security measures to proactive data resilience strategies. By adopting a proactive security approach, investing in strong recovery solutions, and fostering collaboration across departments, organisations can significantly reduce the impact of ransomware attacks."

The report outlines several trends and strategic recommendations for organisations in 2025. Law enforcement actions in 2024 significantly disrupted prominent ransomware groups such as LockBit and BlackCat. However, the vacuum has been filled by a proliferation of smaller groups and independent attackers, increasing the challenge of prevention and detection for businesses.

Data exfiltration attacks are on the rise, with cybercriminals often targeting sensitive information for theft rather than encrypting data and demanding ransoms. Organisations with weaker security postures are particularly vulnerable, as threat actors are able to exploit weaknesses in a matter of hours.

Another trend noted is a reduction in ransom payments. In 2024, the total value of ransomware payments fell, with 36% of affected organisations choosing not to pay. Of those that did pay, 82% negotiated a lower amount and 60% settled for less than half of the initial demand. This shift is influenced by new regulatory and legal frameworks that urge organisations not to pay ransoms, such as international initiatives encouraging firms to strengthen defences over conceding to attackers' demands.

Collaboration between IT and security teams, and engagement with law enforcement and industry bodies, has been found to reinforce cyber resilience. Although budgets for security and recovery are rising, Veeam's report states that investment levels are still not fully aligned with the scale and sophistication of the current threat landscape.

Successful organisations, defined by faster recovery and minimal data loss, exhibit common characteristics including robust backup and recovery protocols, proactive cyber security measures, and well-developed incident response plans. The 3-2-1-1-0 data resilience rule is recommended, ensuring backups are not only multiple and distributed but also immutable and malware-free before restoration.

The research suggests a disconnect between perceived and actual preparedness, particularly in the wake of an attack. Prior to an incident, 69% of victims believed they were prepared, but this confidence often dropped by more than 20% afterwards. Chief Information Officers reported a 30% decline in preparedness confidence after an attack, compared with a 15% drop among Chief Information Security Officers, indicating differing perceptions of risk within organisations.

While almost all respondents (98%) said their organisation had a ransomware response playbook, fewer than half included critical technical details such as backup verifications (44%) or a clearly defined chain of command (30%). The report underlines that fostering organisational alignment and conducting regular cyber security training and exercises are vital for ensuring a coordinated and effective response to ransomware incidents.
