The Rise of Ransomware

Ransomware is one of the most significant cyber threats facing Australians, due to its disruptive, financial and reputational impacts.

In the ACSC Annual Cyber Threat Report 21-22, ransomware was assessed as the most destructive cybercrime threat, and impacted all sectors of the Australian economy.

Ransomware is malicious software that makes data or computer systems unusable until the victim makes a payment, often in the form of hard-to-trace cryptocurrencies.

The ransomware business model is evolving. Cybercriminals are no longer just encrypting victims’ sensitive data and demanding ransoms, they are also increasingly threatening to publically release the data. Along with potential data loss, the changing model has increased the harm and reputational damage a ransomware attack could cause to businesses and individuals.

What can you do?

The best way to protect yourself against a ransomware attack is to be prepared.

The ACSC is encouraging all individuals and families to protect themselves. Some of the steps you can take include:

  • Set-up and perform regular backups to an external storage device, such as an USB stick or the cloud.
  • Activate automatic updates to regularly update your devices.
  • Use anti-virus software and turn on ransomware protection.
  • Turn on multi-factor authentication.
  • Be careful opening or downloading files you didn’t expect to receive.

Use the ACSC’s learning resources  

Individuals and families can learn additional steps to protect their information and respond to ransomware by reading our easy to follow guides found on our ransomware page.  

If you suspect you have been a victim of ransomware our Have you been hacked? tool is another useful resource. It is designed to step potential victims through a series of scenarios such as ransomware attacks, to help them assess if they’ve been hacked and guide them on how to respond.

If you fall victim to ransomware, the ACSC advises against paying a ransom. There is no guarantee you will get your files back, nor does it prevent your data from being sold or leaked online. Instead, report the incident to the ACSC via ReportCyber at

<< Go back to the previous page