Australian firms face surge in AI-driven ransomware attacks

Australian organisations have identified ransomware as one of the top three business risks, as new research highlights a significant rise in attacks and growing concerns about the role of artificial intelligence in cyber threats.

Ransomware impact

According to the research from Opentext Cybersecurity, two out of five Australian companies reported experiencing a ransomware attack in the past year, and nearly half of those companies were targeted more than once. While a high proportion of respondents, 97%, expressed confidence in their ability to recover from such incidents, only 11% of those attacked managed to fully recover their data. A further 3% failed to recover any data at all.

One in three victims admitted to paying a ransom, with 41% of those paying USD $250,000 or more. Despite the frequency of incidents, just 11% of organisations that suffered attacks reported complete data recovery.

AI-related risks

The adoption of generative AI tools is increasing within Australian organisations, with 86% allowing employees to use them and only 51% putting formal policies in place. The survey found that more than half of respondents (56%) had seen increased phishing or ransomware activities attributed to AI, while 44% flagged attempts involving deepfake-style impersonations.

Data leakage remains the leading AI-related concern for respondents, followed by AI-enabled attacks and deepfake impersonations. The growing use of AI both internally and for malicious purposes has increased complexity for security teams, who must balance innovation with risk management.

Supply chain challenges

In addition to concerns about AI, the supply chain presents hidden cybersecurity risks. Nearly one in four organisations experienced a ransomware incident originating from a software vendor. However, 46% of Australian organisations said they had not experienced a ransomware incident linked to a software or services provider in the past year, a figure lower than the global average.

The research indicates that 80% of organisations now include cybersecurity assessments of their software suppliers as part of their risk management process, and 84% have a structured patch management programme in place.

Executive focus

The increased sophistication of ransomware attacks has brought cybersecurity to the attention of boards and executive teams. Sixty-nine per cent of respondents stated that their executive teams now consider ransomware a top three business risk. Customer and partner demand for assurance is also rising, with 64% of organisations having been asked about their ransomware readiness within the past year.

Investment priorities for 2026 suggest that companies are preparing for ongoing threats, with 59% planning to focus on cloud security, 52% on user training, and 51% on network protection. Regular security awareness training is now standard at most organisations, with only 4% reporting that no such training takes place.

Resilience and awareness

The challenge for many organisations, particularly smaller businesses, is to keep pace with changing attack methods and evolving governance requirements. The readiness to deal with ransomware is not only determined by internal controls but depends on collaboration with partners and suppliers to close potential security gaps.

"Organisations are right to be confident in their progress in security posture, but they can't afford to be complacent," said Muhi Majzoub, Executive Vice President, Security Products, OpenText.

"AI fuels productivity while also heightening risk through insufficient governance and its expanding use in attacks. Managing information securely and intelligently is essential to building resilience in organisations of any size," said Majzoub.