Broker Marsh has urged Australian businesses against underestimating the ransomware threat, labelling the data-encryption malware as the “biggest threat” they face from cyber adversaries.

Ransomware attacks have not only increased but the scale of the damage inflicted has also intensified. Extortion demands, which used to be in the sub-$1 million range, have risen to as high as $15 million.

“It’s the biggest threat faced by corporate Australia at the moment,” Pacific Cyber Practice Leader Kelly Butler told insuranceNEWS.com.au. “Ransomware is an easy one to deploy remotely so that is certainly a tactic from the threat actors that we are seeing here.

“It’s the way they get into the system, and extract the data.”

At a Marsh cyber webinar last week, Ms Butler said cyber criminals have sharpened their tactics, gunning for targets that they know are in possession of vast troves of valuable data.

“We call it ransomware 3.0,” she said. “Up until 2018, the landscape was really high volume/low value, with the target being generally hit by A standardised phishing campaign that we all know.

“Ransom demands at that stage were really $100 to $1000. You pay and they move on to the next victim.”

But Ms Butler says that has all changed since the start of last year.

“They realised the value of what they were able to lock down or draw out of the system,” she said. “We saw a trend towards game-hunting where the victims were known and targetted.”

She says a law firm in the US was recently hit with a $US100 million ($140 million) extortion demand after a ransomware group breached its IT system.

US-based cybersecurity firm CrowdStrike says so far this year it has prevented more than 41,000 attempted IT breaches. Last year it thwarted some 35,000 such attempts.

“That’s a staggering number,” Global Chief Technology Officer Mike Sentonas told the Marsh webinar. “The sheer volume of e-crime activity at the moment is just swamping everything else.”

He says the current landscape is one that plays into the hands of cyber attackers.

“COVI9-19 is probably the best business opportunity for attackers that they have ever had,” Mr Sentonas said. “If you are worried, you want to read about therapies and vaccines and research. It would be easy to present websites that were trying to position that sort of information and do it with malicious intent.”