AUD$29 Billion (2020): Building a Ransomware resilient organisation

After years of increasing cyberattacks of all kinds, the rise of ransomware has changed the threat landscape for Australian businesses. 

Whilst some of this insight is older data, from 2020, we can see ransomeware is high on the list of cyber attacks. Regional councils are not spared and must prepare for such a threat.

PwC’s Digital Trust Insights 2021 report showed Australian executives are anticipating a higher likelihood and higher impact of cyber attacks in the year ahead (2022) than their global peers. The report also shows that in the first three months of the Pandemic, cyberattacks increased by 65%. 

According to PWC the cost to the Australian Economy is huge; 

• AUD $29 billion: How much cyberattacks are costing Australian businesses and households, according to the latest government report.
• 61% reported: The proportion of data breaches reported to the Office of the Australian Information Commissioner in the first six months of 2020 were due to a malicious or criminal attack. 
• $1.25 million: The average ransomware payment made in Australia. 
• 61%: The proportion of organisations from a recent PWC Survey who say ransomware breaches are likely.  

The cyber threat posed by ransomware can be as significant as the COVID-19 Pandemic in its capacity to close down core functions across government and business. 

In Australia, the Netwalker attack emerged In Mid-2019 following the Toll Group attack. Data gathered so far indicates that Netwalker ransomware was created by a Russian-speaking group of hackers operating under the Circus Spider moniker, according to Hemidal Security. Further reading on the anatomy of this attack is at  Equinix breach: 7 things to know about Netwalker ransomware attacks – Security – published at CRN Australia.

Defending against Ransomware

In 2020 and early 2021, at least two regional councils have suffered cyber attacks and ransomeware was the choice of hackers. Here is a pretty good plan to mitigate cyber incidents Strategies to Mitigate Cyber Security Incidents | Cyber.gov.au

Focusing upon the Essential Eight

The Essential Eight is a key baseline for protection found here Essential Eight | Cyber.gov.au

Have you strengthened the systems in your network that are likely to be targeted? Have you made it harder for ransomware to spread? Are you regularly checking for vulnerabilities as your business and ransomware techniques change? Can you detect activity generated in your system by a ransomware threat actor? How prepared are you to respond if a ransomware attack cripples your system?  

 The big question in any cyber incident is can you recover quickly? 

Do you know where your assets are? Do you know what data is held on your systems? And can you restore them quickly? 

We can help you plan well and that includes disaster recovery and business continuity planning that works. s