Information management firm OpenText has released its 2024 Global Ransomware Survey, revealing alarming trends in cyberattacks, particularly in software supply chains and the use of generative AI in phishing attempts.

The report highlights the urgent need for businesses to strengthen their cybersecurity measures, despite the additional measures introduced by the Albanese government in their Cyber Security Act to combat ransomware.

According to the survey, nearly half of the respondents admitted to paying a ransom after suffering an attack, with payments often ranging between $1 million and $5 million. This trend is concerning as it potentially fuels further attacks. The survey also found that 62% of companies that experienced a ransomware attack in the past year reported the attack originated from a software supply chain partner.

The use of AI in phishing attempts is also on the rise, with 69% of respondents who faced ransomware attacks observing an increase in such attempts. Interestingly, 46% of those affected by ransomware paid the ransom, potentially fuelling further attacks.

The survey also revealed that small-to-medium businesses reported higher rates of ransomware attacks (76%) compared to larger enterprises (70%). This indicates that cybercriminals are increasingly targeting smaller businesses, possibly due to perceived weaker security measures.

"SMBs and enterprises are stepping up their efforts against ransomware, from assessing software suppliers to implementing cloud solutions and boosting employee education. However, the increase in organisations paying the ransom only emboldens cybercriminals, fuelling more relentless attacks," said executive vice president and chief product officer at OpenText, Muhi Majzoub.

Majzoub further emphasised the need for proactive defence against sophisticated threats like supply chain vulnerabilities and AI-driven attacks. He said: “Businesses must proactively defend against sophisticated threats like supply chain vulnerabilities and AI-driven attacks, while ensuring resilience through data backups and response plans, to avoid empowering the very criminals seeking to exploit them."

OpenText Cybersecurity experts are available for interviews to discuss these findings and provide practical strategies businesses can adopt to strengthen their defences.

The OpenText Cybersecurity survey polled 1,781 C-level executives, security professionals, and security and technical directors from SMBs and enterprises in the United States, the United Kingdom, Australia, France, Germany, and India from August 23 to September 10, 2024. OpenText Cybersecurity provides comprehensive security solutions for companies and partners of all sizes.