Australia Tops Annual Ransomware Ranking

Recent research shows that Australian organisations faced more ransomware incidents than any other country in 2025 - and most victims ended up paying the criminals. 

According to the global study of 1,625 senior security leaders from large enterprises, ransomware featured in 35% of all cyber incidents reported by Australian organisations in 2025.  Typically, demands were for payment to unlock encrypted systems or threats to publish stolen data. 

Australia also ranked near the top globally for ransom payments. 95% of victims admitted they paid the attackers, second only to Singapore’s 97%.  

This willingness to pay is likely contributing to Australia being repeatedly targeted, incentivising attackers to focus their extortion demands here. 

AI Opens Back Doors 

Identity-driven threats are a key exposure of concern – and AI is facilitating their exploitation.  

99% of Australian organisations have already embedded, or plan to embed, AI models or AI agents into their identity systems. These AI agents can perform tasks, make decisions, and access systems on behalf of users or automated processes.  

When compromised, attackers can use them to move rapidly through an environment and access sensitive data. 

Research authors Rubrik Zero described AI agents as “force multipliers,” the “next” major attack surface, able to dramatically amplify damage. 

Ongoing Toll 

Rubrik’s report reinforces that ransomware remains a stubborn and expensive challenge for Australian organisations. Despite the high rate of ransom payments, recovery times remain slow. 

Almost a quarter of Australian organisations needed more than 24 hours to resume operations, and 34% estimated it would take at least a week to return to full functionality. 

Rubrik warned that innovation is outpacing investment in the controls needed to manage AI‑driven risks.  They emphasised the importance of monitoring AI agent behaviour, enforcing real‑time safeguards, improving agent accuracy, and having mechanisms to reverse harmful or incorrect agent actions. 

Underpinning IT Foundations 

Rather than wasting money on ransoms, organisations need to invest in secure and resilient IT foundations. 

That starts with protecting valuable data where it is stored and when it is transferred. Managed File Transfer (MFT) solutions such as the class-leading GoAnywhere MFT encrypt data at rest and in transit, complying with the highest data security standards. 

MFT manages inbound and outbound file transfers across an organisation, using industry-standard file transfer protocols such as SFTP, FTPS, and AS2 to send files securely, and encryption standards such as Open PGP and AES to protect data in transit and at rest. 

Layered Defences 

Advanced Threat Protection and Adaptive Loss Prevention add a further layer of defence.  

SFT Threat Protection enables safe collaboration with external parties, preventing malware from entering your organisation, and reducing opportunities for employees to lose or mishandle sensitive data. 

Tap Local Expertise 

Generic Systems Australia are your local experts in Managed File Transfer and Advanced Threat Protection.  We’ve assisted hundreds of organisations across the Asia-Pacific region to secure their data, keep cybercriminals at bay… and keep ransomware off the books. 

We’re also Fortra’s top MFT partner across Australia and New Zealand. 

If you’d like to discuss improving your cybersecurity through MFT, please feel welcome to contact us. We’re always happy to have an obligation-free discussion and explain how simply and affordably we can bolster your protections against cyber criminals.