Rubrik Zero Labs Finds Almost Two-Thirds of Australian Businesses Would Pay Ransomware Demand
Attackers increasingly targeting backup data to prevent recovery efforts and force victims to pay
SYDNEY, Australia – Almost two thirds of Australian IT and security leaders (64%) said they are likely to pay a ransom to recover their data following a cyberattack, according to a new study released by Rubrik, the Zero Trust Data Security™ Company. The Australian data from “The State of Data Security by Rubrik Zero Labs: The Hard Truths of Data Security” provides a unique view into the local data security landscape, what IT and security leaders experienced in 2022, and the actions they are taking to establish real cyber resilience.
Rubrik Zero Labs commissioned its second global study with Wakefield Research to gather insights from more than 1,600 IT and security leaders—half of which were CIOs and CISOs—across 10 countries. This study was supplemented by Rubrik telemetry, combining both qualitative and quantitative data.
While more than 60% of Australian respondents said they were likely to pay a ransom in the future, almost three quarters (72%) reported having previously paid to recover data or to stop a ransomware attack.
Scott Magill, managing director, Rubrik A/NZ said Australian organisations, like their global counterparts, were seeing attackers turn their attention to backup data in order to hamstring cyber recovery efforts.
“Organisations are struggling to keep their heads above water against the rising tide of cyberattacks,” Magill said. “Almost every Australian respondent (98%) had seen malicious actors attempt to impact their data backups during a cyberattack. Alarmingly, 87% said the attackers were at least partially successful in these attempts.”
The figures were well above the global average, where 90% had seen attackers attempt to impact backup data and 73% reported the attempts had some level of success.
“When backup data is corrupted or encrypted, victims often see no alternative other than to pay the ransom,” Magill said. “Unfortunately, there is no honour amongst thieves and decryption keys rarely provide what it says on the tin.”
This was evident in the research which found only 14% of Australian organisations that paid attackers for decryption tools were able to recover all their data.
According to the report, Australian businesses have seen a steady stream of attacks levelled against them with respondents reporting an average of 46 attempted cyberattacks in the past year. As a result, 82% of local security leaders are concerned their company will be unable to maintain business continuity as a result of cyberattacks.
“In a bid to turn the tables Australian businesses are looking to bolster their troops, whether through artificial intelligence or hiring security personnel,” Magill said. “While 52% reported increased interest in supporting security teams with AI and 49% sought to hire additional staff, 38% said a lack of specialised IT talent impacted these efforts.”
Despite the concerns surrounding business continuity and the increasing prevalence of cyberattacks, only 53% of Australian organisations developed or reviewed an incident response plan in 2022 and only 58% had tested their backup and recovery options.
“It’s clear organisations understand the gravity and impact of cyber incidents, but we also see a range of roadblocks from a lack of preparation, misalignment between IT and security teams, and over-reliance on insufficient backup and recovery solutions,” said Steven Stone, Head of Rubrik Zero Labs. “In the current era of cybersecurity, the best outcome is ensuring cyber resilience. Incidents are inevitable, so it’s critical to reduce the risk before a response is needed, and—at all costs—protect the crown jewel: the data.”
“The State of Data Security” comes from Rubrik Zero Labs, the company’s cybersecurity research unit formed to analyse the global threat landscape, report on emerging data security issues, and give organisations research-backed insights and best practices to secure their data against increasing cyber events.
To learn more about Rubrik Zero Labs’ “The State of Data Security” visit https://rubrik.com/zero-labs.
Report Methodology
“The State of Data Security: The Hard Truths of Data Security” by Rubrik Zero Labs was commissioned by Rubrik and conducted by Wakefield Research among 1,625 IT and Security decision makers at companies of 500 or more employees. Respondents were made up of approximately half CIOs and CISOs and half VPs and Directors of IT and Security. The research was conducted in the US, UK, France, Germany, Italy, Netherlands, Japan, Australia, Singapore, and India between February 10th and February 21st, 2023.
About Rubrik
Rubrik is on a mission to secure the world’s data. With Zero Trust Data Security™, we help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.
For more information please visit www.rubrik.com and follow @rubrikInc on Twitter and Rubrik, Inc. on LinkedIn.