This study examines the experiences of 331 Australian individuals and small to medium enterprise (SME) owners who were victims of ransomware. It used survey data to understand how they were targeted and the vulnerabilities that were exploited in private and work-related settings. The results highlight both the human element in victimisation and the need for technological solutions to protect business owners from ransomware and its harmful effects.

Key findings

• Most ransomware victims had received multiple ransom messages in the past 12 months.
• SME owners were more likely to have received multiple messages and to have previously paid a ransom.
• Strong messaging should dissuade SME owners from making these payments, which increase the chances of repeat victimisation.
• SME owners reported impacts on many devices. The affected devices were also more likely to have been a work-issued device or a personal device used for work.
• SME owners were also more likely than other victims to report that the ransomware had spread to other workplace devices, systems or email accounts.