Barracuda Networks, Inc., a leading cybersecurity company providing complete protection against complex threats for all sized businesses, has released new research showing one in three Australian organisations affected by ransomware have been hit multiple times in the last 12 months.
The Ransomware Insights Report 2025 highlights a particularly concerning situation in Australia, where 67% of repeat victims say they’re juggling too many security tools, and 62% report poor integration — leading to visibility gaps and blind spots attackers can exploit.
The report is based on the findings of an international survey undertaken by Barracuda with Vanson Bourne, gathering insights from 2,000 IT and security decision-makers across North America, Europe, including Australia.
Results have highlighted how ransomware remains a persistent and lucrative threat, ruthlessly exploiting security complexity and coverage gaps to implement multidimensional attacks for maximum disruption and financial gain.
The research shows that:
- 57% of global organisations surveyed were affected by ransomware, including 67% of those in healthcare and 65% for local government.
- Ransomware payouts persist in Australia. In Australia, 43% of ransomware victims paid the attackers to recover or restore data. However, 41% of Australian organisations have established robust backup and disaster recovery systems in place.
- Across all the countries surveyed, only 32% of ransomware victims paid the attackers to recover or restore data, rising to 37% among organisations affected twice or more.
- Many ransomware victims have insufficient coverage in key security areas. Despite email being a primary entry point for cybercriminals, only 45% of Australian organisations surveyed had implemented an email security solution, leaving a significant attack vector exposed.
- Email is a primary attack vector for ransomware: Globally, 71% of organisations that suffered an email breach were also hit with ransomware.
- Ransomware attacks are multidimensional. In Australia, just over a quarter (26%) of the ransomware incidents experienced by respondents involved data encryption.
- A significant number involved the attackers stealing (21%) and publishing data (25%), infecting devices with other malicious payloads (32%), installing backdoors for persistence (31%), and more.
The impact crater of a successful ransomware attack is expanding. In Australia, ransomware attacks had serious downstream consequences:
- 51% suffered brand and reputation damage
- 49% faced significant recovery costs
- 25% lost existing customers
- 25% missed out on new business opportunities
- 35% experienced employee productivity losses
“The findings make it clear that ransomware is an escalating threat, and fragmented security defences leave organisations immensely vulnerable,” said Dan McLean, Country Manager ANZ at Barracuda.
“In Australia, we’re seeing a pattern where well-meaning investments in multiple tools create disjointed environments with limited visibility,”
“To fight modern ransomware threats, we need simplification, integration, and smarter automation, not just more tools. Beyond data loss, ransomware is causing serious business disruption from lost customers to reputational harm,” McLean said
“Australian businesses must take a proactive stance with integrated protection that not only blocks threats but also enables rapid detection, swift response, and effective recovery, to minimise risk exposure and reducing the blast radius of any breach across the digital ecosystem.” he said.
The survey was commissioned by Barracuda and carried out by independent research firm Vanson Bourne after recording the responses from 2,000 senior IT and business security decision-makers across organisations with 50 to 2,000 employees.
Participants represented a broad mix of industries across the U.S., UK, France, Germany, Austria, Switzerland, Belgium, the Netherlands, Luxembourg, the Nordics, Australia, India, and Japan. Fieldwork took place in April and May 2025.
