Ransomware writers looking for targets to pay up should start looking in the south-west Pacific, according to the third installment of the Telstra Security Report.
Surveying 1,252 people, of which 40 percent were in Europe, 23 percent from Australia, and 37 percent from elsewhere in Asia-Pacific, the report said approximately half of businesses paid malware ransoms.
"47 percent of Australian businesses who found themselves victims of ransomware paid the ransom, which was consistent across APAC," the report said. "Some 60 percent of ransomware victims in New Zealand and 55 percent in Indonesia paid the ransom, making it the highest for Asia. In Europe, 41 percent of respondent ransomware victims paid up."
Of those that paid up, 87 percent of Asian businesses got their data back, followed by 86 percent in Australia, and 82 percent in Europe. The report added that in the absence of proper backups, 83 percent of organisations in Australia would pay again, with Europe clocking in at 80 percent, and 76 percent of Asian responders saying they would pay again.
"Our research suggests that ransomware that specifically targets businesses tends to be more sophisticated, with attackers having the ability to release files, typically through central command and control systems, once the amount has been paid," the report said.
The report added that 29 percent of breaches in Hong Kong organisations were detected years after the incident, or never detected, with Taiwan reporting 25 percent, whereas the global average was 12 percent.
For recovery times, Australia improved to 74 percent of incidents resolved in less than two hours, up from 56 percent the year prior. APAC respondents said 67 percent of incidents were recovered in the same time frame, and 66 percent for European respondents.
"The improvement in response time in Australia is in line with the greater number of organisations putting in place an incident response plan (76 percent vs. 66 percent in 2016) as well as the frequency of which organisations are testing and reviewing their incident response plan," the report said.
As businesses continue shifting to the cloud, the report said the top concerns for businesses are the encryption and protection of data in transit.
"The security implications of running applications in these more complex cloud environments is that traffic is also shifting from the north-south direction (typical for perimeter security) to an east-west flow," the report said. "This east-west traffic is effectively able to bypass the perimeter security gateway and is therefore not visible or controlled within the virtual cloud environment.
"Businesses will also have to consider the trade-offs between managing data though private, public, or hybrid clouds. There are limitations on what cloud providers are liable for in the event of a breach that also need to be considered when choosing between platforms."