Law firms rank high on ransomware target list
Ransomware threats against Australian legal and professional services firms remain at elevated levels, according to QBE’s latest threat intelligence report.
“Highly active and sophisticated” ransomware actors and some state-sponsored groups continue to target the sector in Australia and markets including the UK and the US, according to the insurer.
Ransomware attacks in the legal sector increased 54% last year compared with 2024, and professional services was among the top three industries most affected by ransomware breaches, the report says, citing data from various sources.
“The cyber threat to the LPS sector has remained a key risk as we progress through 2026,” the report says. “New groups have emerged, existing groups have ramped up their operations, while others have disappeared.
“What is clear is that ransomware and data extortion continues to be the most significant threat to almost every industry vertical, especially the LPS sector.”
QBE says the rate of ransomware payments has slowed since its last report in April last year, but the average amount demanded by attackers has risen. Law firms affected by ransomware breaches recorded a 60% increase in extortion demands last year, to an average of $611,000.
The insurer predicts the drop in victims making extortion payments will “likely force [ransomware actors] to be less opportunistic and more targeted, going after sectors and market segments where operational disruption is highly damaging or where the confidentiality of data is paramount.
“These actors are also developing their technical capabilities to compromise back-ups, which are often what organisations lean on when they refuse to pay.
“Given the sensitivity of data held by LPS firms, this high threat from ransomware actors is likely to continue.”