Australia was among the 10 most targeted nations in a record-setting month for ransomware attacks, according to a cybersecurity report from Bitdefender.
The company’s March 2025 Threat Debrief found that ransomware incidents increased by 126% year-over-year, making last month the highest on record for reported attacks.
The analysis, based on open-source intelligence and ransomware leak sites, recorded 962 claimed ransomware victims worldwide in February 2025, compared to 425 in the same period in 2024. The Clop (Cl0p) ransomware group alone accounted for 335 of these attacks, marking a threefold rise in its activity from the previous month.
Bitdefender’s findings indicated a shift in ransomware strategies, with cybercriminals increasingly targeting newly discovered vulnerabilities in internet-facing devices rather than focusing on specific industries or businesses. Attackers are capitalising on software flaws that:
Cybercriminals reportedly scan for these vulnerabilities within hours of public disclosure. Once initial access is gained, attackers take time to manually infiltrate deeper into compromised systems, often delaying ransomware deployment by weeks or months.
The Clop group’s increased activity has been linked to its exploitation of two high-severity vulnerabilities – CVE-2024-50623 and CVE-2024-55956 – in Cleo file transfer software. Although these vulnerabilities were disclosed in late 2024, the time required for attackers to manually escalate their access aligns with the surge in reported victims this year.
Australia ranked sixth among the most targeted nations for ransomware attacks in February.
A separate study by cybersecurity firm Surfshark reported that 47 million Australian accounts were exposed in data breaches throughout 2024, an average of one breach per second.
Surfshark’s findings indicated that Australia was the 11th most affected country by data breaches globally last year, with a 12-fold increase in compromised accounts from the 4.1 million recorded in 2023.
Since 2004, Australia has seen 192.5 million breached accounts, the highest number in the Oceania region. More than 49 million unique Australian email addresses have been exposed, often alongside sensitive information such as passwords and contact details.
How do you see this cyber attack development? Please tell us below
