For years, Australian organisations have been quietly paying millions in ransoms to hackers who have stolen or encrypted their data.
There has been a 60 per cent increase in ransomware attacks against Australian entities in the past year, according to the government's cyber security agency, the ACSC.
Just in the past six months alone, the frequency of attacks and the size of ransoms being demanded has increased significantly, said Michael Sentonas, chief technology officer of Crowdstrike, one of the largest cybersecurity companies in the world.
"I still speak to a lot of Australian organisations that say, 'Why would somebody attack us?'" Mr Sentonas said.
In ransomware attacks, criminals infiltrate an organisation's computer systems with the aim of stealing, encrypting or otherwise locking up data.
Security experts warn Australia is a soft target amid a "tsunami of cyber crime" which is costing the global economy about $1 trillion.