Australian companies are among the most targeted with malware attacks, according to a global study.

New research by cybersecurity company NordLocker reveals that Australia is ninth in the world by ransomware attacks, with an unnamed “logistics company with billions in revenue” and “a national alcoholic beverages corporation” among those hit with attacks.

Despite the above examples, and the recent Optus hack, small Australian businesses are at the highest risk, accounting for 69.5 per cent of all attacks.

Out of 18 industries identified, business services lead the way, with 12.5 per cent of all attacks, followed by transportation and logistics (9.7 per cent), construction (6.9 per cent), consumer services (6.9 per cent), and healthcare (6.9 per cent).

LockBit and Conti are the most active ransomware gangs in Australia, responsible for 16.5 per cent and 11.4 per cent of attacks, respectively. This isn’t particular to Australia – these two groups are ranked one and two respectively with regard to ransomware attacks.

Only 4.2 per cent of ransomware attacks in the country targeted Australia’s public sector institutions.

“Ransomware gangs usually decide who their next target is based on two criteria,” explains says NordLocker’s Tomas Smalakys.

“The first one is how likely the targeted company is to pay up, which is weighed by looking at variables such as the company’s importance in supply chains, the quantity of confidential information that it handles, and other factors that, in the case of an attack, put pressure on the company to get operations back up and running.

“The second criteria is more straightforward and primarily deals with the depth of the company’s pockets and how lacking in cyber defenses their business is. When you look at the data through this lens, you see why certain industries are more affected than others.”