More than one-third of small and medium-sized businesses have experienced a ransomware attack in the last year, a new Malwarebytes report claims, and 22 percent of these impacted businesses had to cease operations immediately.
Malwarebytes’ “Second Annual State of Ransomware Report” is based on answers from 1,054 companies in North America, France, the UK, Germany, Australia, and Singapore.
The impact of ransomware on SMBs can be devastating. For roughly one in six impacted organizations, a ransomware infection caused 25 or more hours of downtime, with some organizations reporting that it caused systems to be down for more than 100 hours. Further, among SMBs that experienced a ransomware attack, 22 percent reported that they had to cease business operations immediately, and 15 percent lost revenue.
Most organizations make addressing ransomware a high priority, but still lack confidence in their ability to deal with it. 75 percent of organizations surveyed place a high or very high priority on addressing the ransomware problem. Despite these investments, nearly one-half of the organizations surveyed expressed little to only moderate confidence in their ability to stop a ransomware attack.
For many, the source of ransomware is unknown and infections spread quickly. For 27 percent of organizations that suffered a ransomware infection, decision makers could not identify how the endpoint(s) became infected. Further, more than one-third of ransomware infections spread to other devices. For two percent of organizations surveyed, the ransomware infection impacted every device on the network.
SMBs in the US are being hit harder than SMBs in Europe by malicious emails containing ransomware. The most common source of ransomware infections in US-based organizations was related to email use. 37 percent of attacks on SMBs in the US were reported as coming from a malicious email attachment and 27 percent were from a malicious link in an email. However, in Europe, only 22 percent of attacks were reported as coming from a malicious email attachment. An equal number were reported as coming from a malicious link in an email.
Most SMBs do not believe in paying ransomware demands. 72 percent of respondents believe that ransomware demands should never be paid. Most of the remaining organizations believe that demands should only be paid if the encrypted data is of value to the organization. Among organizations that chose not to pay cybercriminals’ ransom demands, about one-third lost files as a result.
The financial services industry is most concerned about ransomware. Transportation entities are least concerned. 54 percent of firms in the financial services industry are concerned or extremely concerned about ransomware. Meanwhile, only 26 percent of transportation entities are this concerned about it.
Current investments in technology might not be enough. Over one-third of SMBs claim to have been running anti-ransomware technologies, while about one-third of businesses surveyed still experienced a ransomware attack.