CFOtech Australia - Technology news for CFOs & financial decision-makers
Riaan

Aussie Businesses Must Fight Ransomware Criminals

Tue, 18th Nov 2025

Chances are that you, or someone you know, was affected by the Qantas Airways cybersecurity breach earlier this year, which compromised the personal data of almost 6 million customers and leaked more than 150 gigabytes of sensitive information.

The reality is that Australian businesses are falling behind the rest of the world in cybersecurity preparedness and this attack serves as an ominous warning.

If that's still not enough to spur action, the latest report from the Australian Signals Directorate reveals a 16 per cent surge in calls to the Australian Cyber Security Hotline compared with the previous year.

Another study, by business advisory firm RSM Australia, found that 31 per cent of businesses are completely unprepared to respond to a cyber attack, leaving them wide open to financial loss, operational paralysis and reputational damage.

Cybercrime is no longer the domain of elite hackers. Today, attacks are commoditised, with pre-packaged ransomware kits and stolen credentials readily available on the dark web. Attackers exploit weaknesses in systems and, more often, in people. Social engineering, manipulating employees into revealing sensitive information or clicking malicious links, remains one of the most effective tactics.

Two attack vectors dominate the Australian business landscape:

  • Business Email Compromise (BEC): Attackers take over or impersonate a trusted mailbox, often a director's or a supplier's, to send fraudulent invoices or requests to change bank details, trading on the trust that already exists inside the organisation.
  • Ransomware: A two-pronged threat, commonly called double extortion, where attackers first steal data and then encrypt systems, demanding payment both to restore access and to keep the stolen data private.

These attacks are low-cost for criminals but devastating for businesses, often resulting in prolonged downtime and regulatory penalties.
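The BEC pattern described above can be triaged automatically from mail metadata. The following is an added example, not code from the article or from RSM, of a heuristic check run over a few constructed messages: it flags an executive's display name on an outside address, a look-alike sender domain, a Reply-To that points somewhere other than the sender, and payment or banking language. The internal domain, the executive names and the sample messages are all assumptions made up for the example.

```python
"""Heuristic BEC triage over e-mail header metadata (added example, constructed data)."""
import re
from dataclasses import dataclass
from email.utils import parseaddr
from typing import List, Tuple

INTERNAL_DOMAIN = "example.com.au"             # assumed: the organisation's own domain
EXECUTIVES = {"jane citizen", "david nguyen"}  # assumed: display names worth impersonating
PAYMENT_TERMS = re.compile(
    r"\b(bank details|account (number|details)|bsb|remit|wire|urgent (payment|transfer)|invoice)\b",
    re.IGNORECASE,
)


@dataclass
class Message:
    from_header: str   # raw From: header, e.g. 'Jane Citizen <jane@gmail.com>'
    reply_to: str      # raw Reply-To: header, or "" when absent
    subject: str
    body: str


def _domain(addr_header: str) -> str:
    """Domain part of an address header, lower-cased ("" if unparseable)."""
    _, addr = parseaddr(addr_header)
    return addr.rpartition("@")[2].lower()


def _edit_distance(a: str, b: str) -> int:
    """Classic Levenshtein distance, used to spot look-alike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def bec_indicators(msg: Message) -> List[str]:
    """Return the BEC warning signs present in one message."""
    hits = []
    name, _ = parseaddr(msg.from_header)
    from_dom = _domain(msg.from_header)
    if name.strip().lower() in EXECUTIVES and from_dom != INTERNAL_DOMAIN:
        hits.append("executive display name on external address")
    if from_dom != INTERNAL_DOMAIN and 0 < _edit_distance(from_dom, INTERNAL_DOMAIN) <= 2:
        hits.append(f"look-alike sender domain {from_dom}")
    if msg.reply_to:
        reply_dom = _domain(msg.reply_to)
        if reply_dom and reply_dom != from_dom:
            hits.append(f"reply-to domain {reply_dom} differs from sender")
    if PAYMENT_TERMS.search(msg.subject) or PAYMENT_TERMS.search(msg.body):
        hits.append("payment or banking language")
    return hits


def triage(messages: List[Message]) -> List[Tuple[int, List[str]]]:
    """Messages worth a human look: payment language plus at least one identity anomaly."""
    flagged = []
    for i, m in enumerate(messages):
        hits = bec_indicators(m)
        if "payment or banking language" in hits and len(hits) >= 2:
            flagged.append((i, hits))
    return flagged


# Constructed sample: one genuine internal invoice, two BEC attempts, one harmless newsletter.
SAMPLE = [
    Message("Accounts <accounts@example.com.au>", "", "Invoice 4471 attached",
            "Please find the October invoice attached."),
    Message("Jane Citizen <jane.citizen@gmail.com>", "", "Urgent payment needed",
            "I am in a meeting, please update the bank details for supplier X today."),
    Message("Accounts <accounts@examp1e.com.au>", "Accounts <accounts@examp1e.com.au>",
            "Change of banking details", "Our BSB has changed, please remit to the new account."),
    Message("Newsletter <news@vendor.net>", "unsub@mailer.io", "Monthly update",
            "Here is what we shipped this month."),
]

if __name__ == "__main__":
    for idx, reasons in triage(SAMPLE):
        print(f"message {idx}: {'; '.join(reasons)}")
```

Messages 1 and 2 are flagged; message 0 carries payment language but comes from the real domain with no anomaly, and message 3 has a Reply-To mismatch but no payment context, so neither reaches a human. The same rules are a good starting point for a mail-gateway or SIEM rule, with the look-alike threshold tuned to the organisation's own domain length.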

While large organisations invest heavily in cybersecurity, small and medium-sized enterprises (SMEs) often lack resources and awareness. Many assume they are too small to be targeted, but attackers frequently cast a wide net, exploiting any vulnerability they find. Industries such as healthcare and financial services are prime targets due to the sensitive data they hold, but no sector is immune.

Cybersecurity is not just a technical challenge - it's a cultural one.

Organisations must foster a cyber-aware culture, where employees question suspicious emails and report anomalies without fear. Education is critical because human error remains the weakest link.

From a technical standpoint, RSM recommends focusing on fundamental controls:

  • Multi-Factor Authentication (MFA): A simple yet powerful measure that RSM says prevents 99.98% of brute-force attacks, because a guessed or stolen password is no longer enough on its own. Prefer phishing-resistant methods such as hardware security keys or passkeys over SMS codes, especially for administrator accounts.
  • Regular Patching: Outdated software is a gateway for attackers. Critical patches should be applied within 72 hours of release, and the time to apply them should be measured, not assumed.
  • Network Segmentation: Keep guest networks, corporate networks and networks holding sensitive information separate, so that an attacker who lands on one cannot move laterally to the others.
  • Access Controls: Grant employees and third-party vendors only the access their role needs, require strong authentication for that access, and review and expire vendor accounts rather than leaving them open indefinitely.
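Three of these controls lend themselves to a routine automated check: MFA coverage, the 72-hour patch window and vendor access hygiene. The following is an added example, not the article's or RSM's code, which assumes an identity-provider export reduced to Account records and a vulnerability-scanner export reduced to PatchRecord rows. The method labels, the 90-day staleness threshold and all sample rows are constructed for the example.

```python
"""Access and patch review for the controls above (added example, constructed data)."""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional, Tuple

PATCH_SLA = timedelta(hours=72)                         # the article's recommended window
STALE_AFTER = timedelta(days=90)                        # assumed review threshold
PHISHING_RESISTANT = {"fido2", "passkey", "smartcard"}  # assumed method labels in the export


@dataclass
class Account:
    user: str
    kind: str                          # "employee", "vendor" or "service"
    privileged: bool
    mfa_methods: Tuple[str, ...]       # () means nothing enrolled
    last_login: Optional[datetime]
    expires: Optional[datetime] = None  # vendor access should always carry one


@dataclass
class PatchRecord:
    host: str
    advisory: str
    released: datetime
    applied: Optional[datetime]        # None while still outstanding


def review_access(accounts: List[Account], now: datetime) -> List[Tuple[str, str]]:
    """One (user, finding) tuple per control violation."""
    findings = []
    for a in accounts:
        if a.kind != "service":        # service accounts use keys, not interactive MFA
            if not a.mfa_methods:
                findings.append((a.user, "no MFA enrolled"))
            elif a.privileged and not set(a.mfa_methods) & PHISHING_RESISTANT:
                findings.append((a.user, "privileged account relies on phishable MFA"))
        if a.kind == "vendor":
            if a.expires is None:
                findings.append((a.user, "vendor account has no expiry"))
            elif a.expires < now:
                findings.append((a.user, "vendor account past expiry but still enabled"))
        if a.last_login is not None and now - a.last_login > STALE_AFTER:
            findings.append((a.user, "stale: no login in 90 days"))
    return findings


def overdue_patches(records: List[PatchRecord], now: datetime) -> List[Tuple[str, str, int]]:
    """Critical patches applied (or still outstanding) beyond the 72-hour SLA,
    with whole hours past the deadline."""
    late = []
    for r in records:
        done = r.applied or now        # an unapplied patch is measured up to now
        excess = done - r.released - PATCH_SLA
        if excess > timedelta(0):
            late.append((r.host, r.advisory, round(excess.total_seconds() / 3600)))
    return late


# Constructed sample data (dates are made up for the example).
NOW = datetime(2025, 11, 18, 9, 0)
ACCOUNTS = [
    Account("alice", "employee", False, ("fido2",), datetime(2025, 11, 17)),
    Account("bob", "employee", True, ("sms",), datetime(2025, 11, 10)),
    Account("carol", "employee", False, (), datetime(2025, 11, 12)),
    Account("acme-support", "vendor", False, ("totp",), datetime(2025, 6, 1)),
    Account("msp-admin", "vendor", True, ("passkey",), datetime(2025, 11, 15),
            expires=datetime(2025, 9, 30)),
    Account("backup-svc", "service", True, (), datetime(2025, 11, 18)),
]
PATCHES = [
    PatchRecord("web-01", "KB-CRIT-1", datetime(2025, 11, 10), datetime(2025, 11, 11, 12)),
    PatchRecord("db-02", "KB-CRIT-1", datetime(2025, 11, 10), None),
    PatchRecord("vpn-01", "KB-CRIT-2", datetime(2025, 11, 14), datetime(2025, 11, 17, 6)),
]

if __name__ == "__main__":
    for user, finding in review_access(ACCOUNTS, NOW):
        print(f"{user}: {finding}")
    for host, advisory, hours in overdue_patches(PATCHES, NOW):
        print(f"{host} {advisory}: {hours} h past the 72-hour SLA")
```

In the sample, bob's SMS-only MFA on a privileged account, carol's missing MFA, the vendor account with no expiry that nobody has used since June, and the MSP account still enabled past its expiry all surface, while the service account is left to a separate key-rotation check. On the patch side, web-01 met the window, db-02 is still unpatched eight days on, and vpn-01 was patched but six hours late; the point of recording the hours is that a 72-hour target only means something when the misses are counted.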

Penetration testing and vulnerability assessments should be routine, not optional. Yet, only 40% of Australian businesses conduct annual testing - a figure that must rise to match global best practice.

Cybersecurity extends beyond your organisation. Supply chain vulnerabilities and third-party service providers can introduce significant risks. Regulation is catching up: APRA's CPS 230 Operational Risk Management standard, which took effect in July 2025, requires regulated financial institutions to assess end-to-end operational resilience, including the material service providers they depend on.

This shift highlights the need for businesses to scrutinise vendor security and enforce robust access controls.

Cyber insurance can provide financial protection and access to recovery specialists, but it's no substitute for proactive security measures.

Circling back to Qantas, the incident showed how attackers bypass primary defences by going through third-party vendors, and that breaches can occur even where the organisation's own defences are strong.

A clear incident response plan is essential. Businesses should know how to isolate affected systems, who to contact and how to communicate with stakeholders.

As cyber threats in Australia continue to rise, businesses cannot afford complacency.

Security is about defence in depth - protecting your perimeter, your people and your processes, so that no single failure hands an attacker the whole business.
