Barracuda Networks, Inc. has released new research showing one in three Australian organisations affected by ransomware have been hit multiple times in the last 12 months. The findings are detailed in the Ransomware Insights Report 2025, which also reveals the situation in Australia is particularly concerning, with 67% of repeat victims saying they are juggling too many security tools, and 62% saying their tools don’t integrate — disrupting visibility and creating blind spots where attackers can hide.
The report is based on the findings of an international survey undertaken by Barracuda with Vanson Bourne, gathering insights from 2,000 IT and security decision-makers across North America, Europe, including Australia. The results highlight how ransomware remains a persistent and lucrative threat, ruthlessly exploiting security complexity and coverage gaps to implement multidimensional attacks for maximum disruption and financial gain.
The research shows that:
- 7% of global organisations surveyed were affected by ransomware, including 67% of those in healthcare and 65% for local government.
- Ransomware payouts persist in Australia. In Australia, 43% of ransomware victims paid the attackers to recover or restore data. However, 41% of Australian organisations have established robust backup and disaster recovery systems in place. Across all the countries surveyed, only 32% of ransomware victims paid the attackers to recover or restore data, rising to 37% among organisations affected twice or more.
- Many ransomware victims have insufficient coverage in key security areas. Despite email being a primary entry point for cybercriminals, only 45% of Australian organisations surveyed had implemented an email security solution, leaving a significant attack vector exposed. This matters because email is a primary attack vector for ransomware: Globally, 71% of organisations that suffered an email breach were also hit with ransomware.
- Ransomware attacks are multidimensional. In Australia, just over a quarter (26%) of the ransomware incidents experienced by respondents involved data encryption, while a significant number involved the attackers stealing (21%) and publishing data (25%), infecting devices with other malicious payloads (32%), installing backdoors for persistence (31%), and more.
- The impact crater of a successful ransomware attack is expanding. In Australia, ransomware attacks had serious downstream consequences:
- 51% suffered brand and reputation damage
- 49% faced significant recovery costs
- 25% lost existing customers
- 25% missed out on new business opportunities
- 35% experienced employee productivity losses
“The findings make it clear that ransomware is an escalating threat, and fragmented security defences leave organisations immensely vulnerable,” said Dan McLean, Country Manager ANZ at Barracuda. “In Australia, we’re seeing a pattern where well-meaning investments in multiple tools create disjointed environments with limited visibility. To fight modern ransomware threats, we need simplification, integration, and smarter automation, not just more tools. Beyond data loss, ransomware is causing serious business disruption from lost customers to reputational harm. Australian businesses must take a proactive stance with integrated protection that not only blocks threats but also enables rapid detection, swift response, and effective recovery, to minimise risk exposure and reducing the blast radius of any breach across the digital ecosystem.”
Methodology
Barracuda commissioned independent market research company Vanson Bourne to conduct a global survey of 2,000 senior security decision-makers in IT and business roles in organisations with between 50 and 2,000 employees from a broad range of industries in the U.S., UK, France, DACH (Germany, Austria, Switzerland), Benelux (Belgium, the Netherlands, Luxembourg), the Nordics (Denmark, Finland, Norway, Sweden), Australia, India, and Japan. The fieldwork was conducted in April and May 2025.
You can read the full report here.
