Australians the most likely nation to pay out a ransomware

Recent research from the International Data Corporation has revealed that Australian organisations are more likely to pay out a ransom than any other nation.

This has unsurfaced during a year that has seen ransomware attacks against Australians increase by a massive 60 percent - a figure that some industry experts indicate is a $1 billion cost to the Australia economy.

While dealing with an active ransomware attack, paying the ransom should only be done as last resort. Not only does it justify the hacker's efforts to attack the business, but there's no guarantee that your stolen assets, data or system integrity will be restored.

So in the case of Australians, why are we so inclined to fork out the cash?

We tend to view cybersecurity on a cost-basis, with the focus and priority for most executive members being to funnel money and technical resources into what is fundamentally human issue. Deloitte and other entities have performed research and analysis highlighting the need for Australian organisations to rethink their approach to cybersecurity, and in the new decade, it's crucial to consider the intended behavioural outcomes in our cybersecurity initiatives - from addressing the risks of human error through to mitigating and de-escalating incidents, such as ransomware, as they occur.

In the current cybersecurity landscape, wherein IT solutions and financial resources are the primarily adopted means of mitigation, it's no surprise that by the time a ransomware attack occurs, many Australian organisations may find it more enticing and aligned with their culture and processes to simply spend more resources and pay out the ransom.

However, paying out ransoms is extremely problematic for a number of reasons. Not only does it contribute to establishing a precedent for attackers to repeat their efforts against you and other organisations, but as mentioned above, there is no guarantee that the attacker will uphold their end of the bargain.

80% of organisations that do pay out a ransomware attack experience a second, subsequent attack - of which 46% believe are performed by the same cybercriminals.

Now is a crucial time for all organisations to examine their readiness for a ransomware attack. The climate is more dangerous than ever before, with Australian companies recently involved in the largest ransom demand of all time - $70 million USD - during an attack against major IT Management Software provider: Kaseya.

Furthermore, Australian infrastructure is being increasingly targeted, with Queensland Hospitals facing major disruptions in April, and a whopping 47 meat processing facilities forced to shut down in May during the renowned attack against JBS Foods, who eventually paid out $14.1 million to their attacks.

So, you may be wondering what the alternatives are. If you don't pay a ransom out, how do you recover?

At the end of the day, ransomware is extremely dangerous, and it's rare that the victim will walk away completely unscathed. However, the highest yield for risk-reduction comes with preparation.

By taking pre-emptive measures and establishing processes for a ransomware attack in advance, you can increase confidence in your stakeholders that your company is equipped and ready for rectifying an attack. Furthermore, you dissuade attackers from targeting you again, rather than providing them with finances and a further incentive to target you and fellow Australians.

In consideration of ransomware, here are some key measures you can take to prepare for and mitigate a potential attack:

• Create regular backups and prepare redundant work systems: Depending on the extent of a ransomware attack, backups can potentially restore your data and systems, enabling you to then focus on securing your systems instead of paying out a hacker. Furthermore, having a redundant work system(s) in place could enable your organisation to continue operating to a determined capacity, even during an attack. Back up your systems and data regularly so you have some potential wiggle room in the event of an attack.
• Incident response procedures: It's crucial that if and when an attack occurs, you and your employees are prepared on what steps to take. Rather than scrambling for a fix and playing into the hands of the ransomware attackers, establish roles, responsibilities and processes within the organisation in advance.
• Cyber-safe work culture: Human error is repeatedly the?leading cause of cybercrime. It’s entirely possible for a simple misclick or phishing email to create a point of entry for attackers. Deploy regular awareness training at all levels of your organisation to reduce your human-risk as much as possible.
• Treat payment as a last resort:?The problem with paying an attacker is that there’s no guarantee they’ll restore your access, or delete the data they’ve stolen. Work with security professionals to determine the best course of action, and only make payment if it’s impossible to recover through other means.

As discussed, ransomware is set to become even more prominent throughout the coming decade. The Federal Government is?currently debating a ransomware attack disclosure bill, meaning that ransomware payments could be disclosed moving forward. Now is a crucial moment to review your cyber stature and preparation for ransomware and general cyber risks against your organisation.

Not sure about the next steps to take for your cybersecurity? Visit?cyberaware.com?for key safety tips and takeaways.