In the ACSC Annual Cyber Threat Report 21-22, ransomware was assessed to be the most destructive cybercrime threat, which had impacted all sectors of the Australian economy. Ransomware is malicious software that makes data or computer systems unusable until the victim makes a payment, often in the form of hard-to-trace cryptocurrencies. However, victims don’t just face the financial costs associated with recovery, they also experience business downtime, potential data loss and reputational damage.

What signs of ransomware should I watch out for?


Cybercriminals often encrypt data after gaining illegal access to a system. This can happen in the same way as other computer viruses, for example, by opening or downloading malicious software. Avoid visiting unsafe websites, opening emails or files from unknown sources, and be cautious when clicking on links from emails or social media. Stay alert to common signs of ransomware. These signs include:

  • being unable to open your files
  • ransom messages requesting money
  • logins no longer working
  • files moving location
  • unusual file names or extensions. 

How should I protect myself from ransomware?


Being cautious with your online activity isn’t the only protection against ransomware attacks. The best way to prepare yourself for a ransomware attack is to create regular backups of your data. Regular backups make it possible to restore encrypted files, which may otherwise be impossible to recover. You can also prevent ransomware with a number of simple cyber security measures, such as:

  • Updating your devices and turning on automatic updates.
  • Using anti-virus software and turning on ransomware protection.
  • Securing your accounts by turning on multi-factor authentication.
  • Setting unique passphrases.
  • Securing your servers and minimising your external footprint.
  • Implementing access control for your business files.

What if I am attacked by ransomware?


If you become a victim of ransomware, the ACSC advises to never pay a ransom. There is no guarantee you will regain access to your information, nor does it prevent stolen data from being sold or published online. Paying also increases the likelihood of you being targeted again in the future.

More information

Learn more about the measures and other steps you can take to prevent ransomware.

Use the ‘Have you been hacked?’ tool to find out what to do if you think you’ve been targeted by a cyber attack.

Find out how to report an incident to the ACSC via ReportCyber.