Australian Businesses Face Rising Ransomware Threats as Costs and Attacks Surge
Australia has become a prime target for ransomware attacks, with 69% of domestic organizations experiencing an incident in the past five years up from 56% the previous year according to the Australian Cyber Network’s (ACN) State of the Industry 2024 report. The financial toll is severe: the average ransom payment has climbed to $1.35 million, a 31% increase from 2023, and 84% of affected businesses opted to pay.
While self-reported cybercrime costs for businesses dipped by 18%, experts warn this may reflect underreporting or internal absorption of incidents rather than improved security. Small businesses saw an 8% rise in average costs ($49,600 per incident), while individuals faced a 17% increase ($30,700 per report) due to fraud and identity theft.
Critical infrastructure under siege
Australia ranks as the fourth most targeted nation for cyber threats against critical infrastructure, behind the U.S., Sweden, and Germany. State-aligned and organized cybercrime groups repeatedly exploit vulnerabilities, viewing Australian systems as "soft targets" in a geopolitically significant country. Recent attacks on Western Sydney University and AustralianSuper highlight disparities in security preparedness, with well-funded sectors like finance and healthcare faring better than under-resourced institutions such as regional universities and smaller utilities.
Cybersecurity sector grows amid funding gaps
Despite the threats, Australia’s cybersecurity industry contributed $9.99 billion to gross value added (GVA) in 2024, with $348 million in investment and a 9.27% increase in workforce employment (137,453 workers). Female representation in the sector has also surged, rising from 8% in 2021 to 25% in 2024. However, ACN co-founder Jason Murrell warns that cybersecurity remains "underfunded, under-coordinated, and under-prioritized" at the national level, despite its critical role in national security.
In response to the escalating threat, the Australian government introduced mandatory ransomware reporting requirements in November 2024, aiming to improve visibility and collaboration. Yet, cybersecurity has been notably absent from national policy debates, even as attacks disrupt universities, superannuation funds, courts, and healthcare providers. The ACN urges urgent political action to align strategy with the growing threat landscape.
Source: https://ia.acs.org.au/article/2025/over-two-thirds-of-aus-businesses-hit-by-ransomware.html
Western Sydney University cybersecurity rating report: https://www.rankiteo.com/company/western-sydney-university
"id": "WES1770324293",
"linkid": "western-sydney-university",
"type": "Ransomware",
"date": "11/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Education',
'location': 'Australia',
'name': 'Western Sydney University',
'type': 'University'},
{'industry': 'Finance',
'location': 'Australia',
'name': 'AustralianSuper',
'type': 'Superannuation fund'},
{'location': 'Australia', 'type': 'Small businesses'},
{'industry': 'Healthcare',
'location': 'Australia',
'type': 'Healthcare providers'},
{'industry': 'Critical Infrastructure',
'location': 'Australia',
'type': 'Utilities'},
{'industry': 'Government',
'location': 'Australia',
'type': 'Courts'}],
'data_breach': {'personally_identifiable_information': 'Identity theft risk '
'for individuals'},
'date_publicly_disclosed': '2024',
'description': 'Australia has become a prime target for ransomware attacks, '
'with 69% of domestic organizations experiencing an incident '
'in the past five years. The average ransom payment has '
'climbed to $1.35 million, and 84% of affected businesses '
'opted to pay. Critical infrastructure is under siege, with '
'Australia ranking as the fourth most targeted nation for '
'cyber threats.',
'impact': {'financial_loss': '$1.35 million (average ransom payment)',
'identity_theft_risk': 'Increased for individuals ($30,700 per '
'report)',
'operational_impact': 'Disruption to universities, superannuation '
'funds, courts, and healthcare providers'},
'lessons_learned': "Australia's cybersecurity remains underfunded, "
'under-coordinated, and under-prioritized despite its '
'critical role in national security. Disparities in '
'security preparedness exist across sectors.',
'motivation': ['Financial gain', 'Geopolitical targeting'],
'post_incident_analysis': {'corrective_actions': 'Introduction of mandatory '
'ransomware reporting '
'requirements, calls for '
'improved funding and '
'coordination',
'root_causes': 'Exploitation of vulnerabilities, '
'viewing Australian systems as '
"'soft targets'"},
'ransomware': {'ransom_paid': '$1.35 million (average)'},
'recommendations': 'Urgent political action is needed to align strategy with '
'the growing threat landscape. Improved funding, '
'coordination, and prioritization of cybersecurity are '
'critical.',
'references': [{'date_accessed': '2024',
'source': 'Australian Cyber Network’s (ACN) State of the '
'Industry 2024 report'}],
'regulatory_compliance': {'regulatory_notifications': 'Mandatory ransomware '
'reporting requirements '
'introduced in November '
'2024'},
'threat_actor': ['State-aligned groups', 'Organized cybercrime groups'],
'title': 'Rising Ransomware Threats Against Australian Businesses',
'type': 'Ransomware'}