More than one third of businesses have experienced a ransomware attack in the last year, while over one-in-five (22%) of these impacted companies had to cease operations immediately. That’s according to a study conducted by Malwarebytes.
The Annual State of Ransomware Report finds that the impact of ransomware on SMEs can be devastating. For roughly one-in-six of impacted organisations, a ransomware infection caused 25 or more hours of downtime, with some companies reporting that it caused systems to be down for more than 100 hours.
Further, among SMEs that experienced a ransomware attack, one-in-five (22%) reported that they had to cease business operations immediately, while 15% lost revenue.
“Businesses of all sizes are increasingly at risk of ransomware attacks,” said Marcin Kleczynski, CEO at Malwarebytes. “However, the stakes of a single attack for a small business are far different than those for a large enterprise. The findings demonstrate that some SMEs are suffering in the wake of attacks to the point where they must cease business operations. To make matters worse, most of them lack the confidence in their ability to stop an attack, despite significant investments in defensive technologies. To be effective, the security community must thoroughly understand the battles that these companies are facing such that we can better protect them.”
Most organisations make addressing ransomware a high priority, but still lack confidence in their ability to deal with it. 75% of those organisations surveyed place a high or very high priority on addressing the ransomware problem. Despite these investments, nearly 50% of the companies questioned expressed little to only moderate confidence in their ability to stop a ransomware attack.
For many, the source of ransomware is unknown and infections spread quickly. For 27% of organisations that suffered a ransomware infection, decision-makers couldn’t identify how the endpoint(s) became infected. Further, more than one third of ransomware infections spread to other devices. For 2% of the organisations surveyed, the ransomware infection impacted every device on the network.
SMEs in the US are being hit harder by malicious e-mails containing ransomware than SMEs in Europe. The most common source of ransomware infections in US-based organisations is related to e-mail use. 37% of attacks on SMEs in the US were reported as coming from a malicious e-mail attachment and 27% from a malicious link in an e-mail. However, in Europe, only 22% of attacks were reported as originating from a malicious e-mail attachment. An equal number were reported as having emanated from a malicious link in an e-mail.
Most SMEs don’t believe in paying ransomware demands. 72% of respondents believe that ransomware demands should never be paid. Most of the remaining organisations believe that demands should only be paid if the encrypted data is of value to the organisation. Among organisations that chose not to pay cyber criminals’ ransom demands, about one third of them lost files as a result.
Current investments in technology might not be enough. Over a third of SMEs claim to have been running anti-ransomware technologies, while about one third of businesses surveyed still experienced a ransomware attack.
“It’s clear from these findings that there’s widespread awareness of the threat of ransomware among businesses, but many organisations are not yet confident in their ability to deal with it,” said Adam Kujawa, director of malware intelligence at Malwarebytes. “Companies of all sizes need to remain vigilant and continue to place a higher priority on protecting themselves against ransomware.”