Supply chain leaving Aussie orgs at risk of ransomware


By Dylan Bushell-Embling
Monday, 12 September, 2022

Supply chain leaving Aussie orgs at risk of ransomware

More than two-thirds (68%) of Australian organisations believe their supply chain partners and customers are making their own organisation a more attractive ransomware target, research commissioned by Trend Micro suggests.

A survey conducted for the company by Sapio Research of 107 IT decision-makers in Australia found that Australian organisations are increasingly at risk of ransomware compromise via their supply chains.

“We found that 48% of Australian organisations have had a supply chain organisation hit by ransomware, potentially putting their own systems at risk of compromise,” Trend Micro ANZ Technical Director Mick McCluney said.

But despite recognising the growing threat, many Australian organisations still aren’t taking steps to improve partner cybersecurity, the research found.

“The first step towards mitigating these risks must be enhanced visibility into and control over the expanding digital attack surface,” McCluney said.

Only 45% of Australian organisations are sharing knowledge about ransomware attacks with their suppliers and 25% indicated that they don’t share potentially useful threat information with partners, the research found.

Detection rates for threats such as ransomware (69%), data exfiltration (55%), as well as a threat actor’s initial access (53%) and lateral movement (33%) through a network also remain worryingly low, the research found.

Attackers are also increasingly leveraging the supply chain in their campaigns themselves, with 72% of organisations that have experienced a ransomware attack in the past three years indicating that their attackers had contacted partners and/or customers about the breach to force ransom payment.

Image credit: iStock.com/WhataWin

Related News

Tenable launches autonomous patch management tool

The new Tenable Patch Management add-on allows teams to prioritise and even automate the...

Veeam launches updated Veeam Data Platform

The newest release of the Veeam Data Platform introduces capabilities such as a recon scanner for...

CrowdStrike to buy Adaptive Shield

CrowdStrike is augmenting its SaaS security capabilities through the acquisition of Israeli-based...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd