New research has shown that one in three Australian organisations affected by ransomware have suffered repeat attacks in the past 12 months, according to the Ransomware Insights Report 2025 released by Barracuda.
The report draws from a survey of 2,000 IT and security professionals across multiple global regions, including Australia, North America and Europe. Australian organisations have emerged as notably vulnerable, with evidence attributing this to fragmented defence strategies, tool overload, and insufficient integration between cybersecurity solutions.
Repeat attacks and tool challenges
The findings indicate that 57% of global organisations surveyed reported a ransomware incident. Healthcare and local government sectors showed heightened vulnerability, with 67% and 65% respectively having been impacted.
For Australia specifically, the threat appears particularly stark. Of those affected by ransomware more than once, 67% indicated that an excess of security tools was hampering their ability to manage threats effectively. Additionally, 62% found that their security tools lacked integration, disrupting organisational visibility and producing blind spots that attackers are able to exploit.
Persistence of ransomware payments
Ransomware financial extortion continues to affect many organisations. In Australia, 43% of ransomware victims admitted to paying attackers in order to recover or restore critical data. This compares with a global average of 32%. Among organisations globally who have experienced multiple attacks, the figure increases to 37%.
Despite these payouts, just 41% of Australian organisations reported having robust backup and disaster recovery systems established, highlighting a resilience gap across the sector.
Email security shortcomings
Email remains a primary vector for ransomware distribution, yet only 45% of Australian organisations surveyed had an email security solution in place. The report emphasises the seriousness of this gap, noting that globally, 71% of organisations that experienced an email breach also suffered a ransomware attack.
Multidimensional attack methods
The survey found that ransomware attacks are multifaceted. In Australia, 26% of ransomware incidents involved data encryption. Attackers also engaged in stealing data (21%), publishing data (25%), infecting machines with additional malicious payloads (32%), and installing backdoors for persistent access (31%).
This diversity of tactics underscores the growing complexity of ransomware operations and the risks of insufficiently coordinated defences.
Consequences for organisations
The ramifications of ransomware attacks in Australia extend beyond immediate operational disruption. According to the report, 51% of affected organisations suffered damage to brand and reputation, 49% faced substantial recovery costs, 25% lost existing customers, another 25% missed business opportunities, and 35% experienced drops in employee productivity.
Expert perspective
“The findings make it clear that ransomware is an escalating threat, and fragmented security defences leave organisations immensely vulnerable,” said Dan McLean, Country Manager ANZ at Barracuda. “In Australia, we’re seeing a pattern where well-meaning investments in multiple tools create disjointed environments with limited visibility. To fight modern ransomware threats, we need simplification, integration, and smarter automation, not just more tools. Beyond data loss, ransomware is causing serious business disruption from lost customers to reputational harm. Australian businesses must take a proactive stance with integrated protection that not only blocks threats but also enables rapid detection, swift response, and effective recovery, to minimise risk exposure and reducing the blast radius of any breach across the digital ecosystem.”
Survey methodology
The survey underpinning the report was commissioned by Barracuda and conducted by market research firm Vanson Bourne in April and May 2025. It targeted senior security decision-makers in IT and business functions at organisations ranging in size from 50 to 2,000 employees, across a broad spectrum of industries and countries including Australia, the United States, the United Kingdom, France, Germany, Austria, Switzerland, Belgium, the Netherlands, Luxembourg, Denmark, Finland, Norway, Sweden, India, and Japan.
