Record Quarter for Local Ransomware Attacks

The first quarter of 2025 was the worst ever for ransomware attacks, with the highest-ever number of organisations named on data-leak sites.

The Q1/25 surge was driven by major activity spikes from ransomware groups Cl0p, Medusa, and FunkSec.

·         Cl0p, who accounted for more than third of all successful attacks, exploited zero-day vulnerabilities (CVE-2024-50623 and CVE-2024-55956) in Cleo managed file transfer (MFT) solutions, fuelling a 23% increase in overall ransomware activity between Q4 2024 and Q1 2025.

·         Ransomware-as-a-service (RaaS) group Medusa capitalised on the void left by disrupted ransomware gangs in late 2024, increasingly targeting critical infrastructure.

·         FunkSec utilised AI to develop malware which infiltrated 152 named victims this quarter.

Australian Orgs Under Attack

Australia ranked sixth among the most targeted nations for ransomware attacks in February.  We were the 11th most affected country for data breaches last year, with 47 million Australian accounts exposed - an astonishing average of one breach per second.

Since 2004, Australia has experienced 192.5 million breached accounts, the highest number in the Oceania region. More than 49 million unique Australian email addresses have been exposed, often alongside sensitive information such as passwords and contact details.

Changed Ransomware Tactics

According to Bitdefender, cybercriminals are increasingly targeting newly discovered vulnerabilities in internet-facing devices, rather than focusing on specific industries or businesses. 

Cybercriminals reportedly scan for new software vulnerabilities within hours of them being publicly disclosed. After accessing a targeted system, they then take time to manually infiltrate deeper, often delaying ransomware deployment by weeks or months.

Protecting Your Organisation

Holistic protection of your organisation’s valuable data requires both technology solutions and sound business practices.

Layered defences, with integrated solutions that address encryption, threat protection, and data loss prevention, enable safe collaboration without risking malware, mishandled data, breaches and non-compliance.

Given most breaches involve a human element, technology solutions need to be automated and easy for employees to use. Software needs to be able to manage:

• How access to data is granted;

• How access is authenticated;

• How access is tracked and controlled; and

• How access be speedily revoked, when needed.

  
  

Layered Protection

A standalone managed file transfer (MFT) solution – such as GoAnywhere MFT - is a great first layer of defence.  It provides security for files at rest and in-transit. 

However, integrating Threat Protection as an additional layer enables you to take appropriate action when there’s PII in the data moving in and out of your organisation.

Based on rules you predefine, our Advanced Threat Protection Bundle can mask, remove, or permit PII to be moved within your organisation and beyond, via a Secure ICAP Gateway.

Benign Rule

Adding granular rules-based controls to data handling is the killer feature of Advanced Threat Protection. For example, it enables you to:

• permit some specified individuals to transmit various categories of data, but not everyone;

• apply role-based access to your data; and

• audit who is sending what information.

  
  

GoAnywhere’s encryption can be enhanced by limiting who can transfer data and what that data contains. The automatic detection and sanitisation of files removes some of the human factor risks so that employees can focus on their work instead of fussing with manual interventions.

Augmenting technical solutions with employee training further reduces human factor risks.

Local Help at the Ready

At Generic Systems Australia, we are the Asia-Pacific region’s experts in deploying Managed File Transfer and Advanced Threat Protection. We’ve assisted dozens of organisations to protect their data and systems, while boosting their operational efficiency.

If you’d like to discuss how we can help you, please feel welcome to contact me.  I’m always happy to have an obligation-free chat and explain how simply we can transition you from your current approach. 

At Generic Systems Australia, we’re your local experts in data transfer.