Australian organizations suffer highest rate of data breaches, Rubrik report says

Australian businesses reported the highest rate of data breaches compared to global markets in 2023, a new survey shows. However, Australian businesses are less likely to suffer a “significant” cyberattack than their global peers.

Backup and recovery company Rubrik said Australia’s accelerated adoption of technologies such as cloud computing was partly to blame, as it urged Australian organisations to review their backups to improve cyber resilience.

Approximately 80% of Australian organisations have experienced a cyber incident

this The State of Data Security: Measuring Data Risk The report, based on a survey of 1,600 global IT and security leaders and telemetry data from 6,100 Rubrik customers, assesses the frequency of cyber incidents related to business email compromise, data breaches, ransomware attacks, insider incidents and inadvertent data exposure.

The report found that Australian companies have a data breach rate 50% higher than the global average. Other findings include:

• In 2023, 82% of Australian organisations experienced any type of cyber attack.
• 94% of organizations worldwide have experienced a “significant” cyberattack, although the report does not define what a “significant” cyberattack includes.
• Data breaches were the most common attack method in Australia, accounting for 54% of all incidents, compared to the global average of 38%.
• The study found that BEC attacks were the second most common attack method in Australia, with 45% of cyber incidents involving this attack.
• Australian organizations experienced an average of 28.17 attacks throughout 2023, which Rubrik found was comparable to the global average of 28.12.

Antoine Le Tard, vice president of Asia Pacific and Japan at Rubrik, said the report’s findings showed Australia was a favorite target for cyber attackers, in part because the country “is a mature market and an early adopter of cloud and enterprise security technologies.”

“As a result, local organisations have spent the last decade investing heavily in perimeter security, yet Australia leads the world in data breaches,” he said.

Cloud environments are highly targeted

While attacks occurred on a variety of infrastructure due to Australia’s widespread adoption of hybrid environments, cloud environments were the most attacked environment in Australia.

According to Rubrik’s report, in Australia:

• 75% of respondents reported malicious activity targeting cloud environments.
• SaaS was the second most attacked environment, with 60% of respondents reporting malicious activity.
• 46% of organizations reported that on-premises infrastructure was the third most targeted attack target.

Rubrik found that the majority of cloud tenants worldwide were targeted, with two-thirds of them being attacked:

• 67% of global respondents have experienced an attack in a SaaS environment.
• 66% have experienced an attack in their cloud environment.
• 51% experienced attacks in their internal environments.

Rubrik’s cloud computing findings are backed by research from cybersecurity firm Proofpoint, which found that 94% of cloud tenants were targeted in any given month last year, and 62% of targeted cloud tenants were compromised.

Blind spots are growing in the cloud, Rubrik warns

Rubrik said that while cloud computing is a powerful business enabler, it also carries inherent risks, especially sensitive data is vulnerable to attack. The company identified three security blind spots in cloud computing:

• Object Storage: Rubrik said 70% of the data in a typical cloud instance is stored as objects, which are usually not machine-readable by security appliances.
• Unstructured Data: 88% of data in object stores is in text or semi-structured files, which makes machine readability more difficult even if tools and processes allow visibility into object stores.
• Sensitive Data: More than 25% of all object stores contain regulated or legally required data, including protected health information or personally identifiable information.

Australian organizations also fall victim to ransomware attack

While data breaches were the most common type of attack in Australia, ransomware accounted for more than a third of local cyber incidents (36%), compared to 33% globally.

Rubrik points out Australian organizations are particularly likely to pay ransoms Cybercriminals. In fact, 97% of businesses reported paying a ransom to recover data or stop an attack.

The report also shows:

• Of reported ransomware cases in Australia, 70% of ransoms were paid following an encryption incident, or when criminals encrypt an organisation’s data and demand a ransom to restore access.
• In 54% of cases, the ransom was paid as a result of extortion threats, or when criminals stole an organization’s data and threatened to publish it if a ransom was not received.

Recorded Future tracked 4,399 publicly reported ransomware attacks across a variety of industries, including Its ransomware tracker Last year, that number increased 70 per cent year-on-year. Le Tard said the high rate of ransom payments following encryption incidents showed many Australian organisations were placing too much trust in perimeter defences.

“They were simply not prepared to recover their data after a successful attack,” he explained.

Rubrik calls on Australia to improve cyber resilience

Rubrik said the prevalence of attacks should prompt Australian organizations to seriously consider cyber resilience strategies (focused on business continuity and recovery after a cyberattack) and preventive measures. According to Rubrik’s report, in Australia:

• Lack of leadership involvement was the most common limiting factor following a cyberattack (22%).
• Ineffective backup and recovery solutions were the second most common limiting factor (21%).
• 17% of organizations cited a lack of organizational security expertise as a factor.
• 77% of Australian organisations that experienced a cyber attack chose to invest in new technologies and increase spending following the attack (compared to 55% globally).

Letard explained that “comprehensive Backup strategy is the best defense against ransomware attacks.

“It allows victims to quickly recover their own data without having to pay the attacker,” he said. “But investing here usually requires organizations to accept that a breach is inevitable.”