The Australian Cyber Security Centre (ACSC) has released a special report on ransomware, noting it has observed an increase in the number of these incidents affecting Australian organizations and individuals. Some of the most significant takeaways from the report include that most ransomware incidents occurred after other malicious activity has been conducted against an organization (e.g. phishing campaigns) and that all sectors and individuals with information of value are potential targets for cyber criminals seeking opportunities for financial gain. The ACSC advises against paying ransoms, stating that doing so may increase an organization’s vulnerability to future incidents. In addition, it observes there is no guarantee that payment will undo the damage. It advises investing in preventative cybersecurity measures, such as keeping regular offline backups of business critical data and patching known security vulnerabilities, adding that it is more cost effective than the comparative costs incurred when attempting to recover from a ransomware incident. Read the report at ACSC.