Almost one in three Australian and New Zealand organisations that fell victim to ransomware attacks in the past two years paid off the criminal groups responsible to regain access to their data.

And the percentage was even higher in the insurance sector.

The industries hardest hit by ransomware attacks were insurance, banking and financial services, according to IDC InfoBrief’s August survey of more than 150 organisations.

It says 29% of leaders in the financial services sector reported a ransomware attack, and 60% said they had paid to regain access to their data – double the percentage across all industries.

Jamie Humphrey, Australia and New Zealand MD at cloud data manager and survey sponsor Rubrik, says mature backup regimes are essential to business resilience. While past surveys found only 6% of those polled said they would pay ransomware attackers, the “reality when confronted with an attack was very different”.

“Unfortunately, faced with the prospect of either halting operations until data could be restored or paying criminal organisations to have their data returned, a significant number of local businesses thought they had no choice but to pay those holding their data hostage,” Mr Humphrey said.

Bit with a comprehensive backup strategy, operations can be up and running within an hour of an attack by simply restoring data without having to engage the criminals.

“Secure backups are the best data insurance policy businesses have against these insidious attacks,” he said.

The survey shows 80% agreement that the volume and severity of ransomware attacks has increased in the past 24 months, and 74% of the respondents agree the attacks are becoming harder to detect and remediate.

The three cyber security threats reported having increased the most were phishing (51%), ransomware (43%) and targeted social engineering (42%).

Click here for the report.