Ransomware Attacks Caused 22% of Infected SMB Organizations to Cease Business Operations Immediately
Malwarebytes, the leading advanced malware prevention, and remediation solution released its “Second Annual State of Ransomware Report” yesterday. The multi-country study surveyed 1,054 companies with no more than 1,000 employees across North America, France, U.K., Germany, Australia, and Singapore. The report, conducted by Osterman Research, explores ransomware attack frequency, impacts of attacks in SMB environments, costs of attacks, attitudes towards ransom payments, preparedness and more. Survey results found that more than one-third of businesses have experienced a ransomware attack in the last year. Twenty-two percent of these impacted businesses had to cease operations immediately.
“Businesses of all sizes are increasingly at risk for ransomware attacks,” said Marcin Kleczynski, CEO, Malwarebytes. “However, the stakes of a single attack for a small business are far different from the stakes of a single attack for a large enterprise. Osterman’s findings demonstrate that SMBs are suffering in the wake of attacks, to the point where they must cease business operations. To make matters worse, most of them lack the confidence in their ability to stop an attack, despite significant investments in defensive technologies. To be effective, the security community must thoroughly understand the battles that these companies are facing, so we can better protect them.”
“Second Annual State of Ransomware Report” top findings include:
- The impact of ransomware on SMBs can be devastating. For roughly one in six impacted organizations, a ransomware infection caused 25 or more hours of downtime, with some organizations reporting that it caused systems to be down for more than 100 hours. Further, among SMBs that experienced a ransomware attack, 22 percent reported that they had to cease business operations immediately, and 15 percent lost revenue.
- Most organizations make addressing ransomware a high priority, but still lack confidence in their ability to deal with it. Seventy-five percent of organizations surveyed place a high or very high priority on addressing the ransomware problem. Despite these investments, nearly one-half of the organizations surveyed expressed little to only moderate confidence in their ability to stop a ransomware attack.
- For many, the source of ransomware is unknown and infections spread quickly. For 27 percent of organizations that suffered a ransomware infection, decision makers could not identify how the endpoint(s) became infected. Further, more than one-third of ransomware infections spread to other devices. For two percent of organizations surveyed, the ransomware infection impacted every device on the network.
- SMBs in the U.S. are being hit harder than SMBs in Europe by malicious emails containing ransomware. The most common source of ransomware infections in U.S.-based organizations was related to email use. Thirty-seven percent of attacks on SMBs in the U.S. were reported as coming from a malicious email attachment and 27 percent were from a malicious link in an email. However, in Europe, only 22 percent of attacks were reported as coming from a malicious email attachment. An equal number were reported as coming from malicious link in an email.
- Most SMBs do not believe in paying ransomware demands. Seventy-two percent of respondents believe that ransomware demands should never be paid. Most of the remaining organizations believe that demands should only be paid if the encrypted data is of value to the organization. Among organizations that chose not to pay cybercriminals’ ransom demands, about one-third lost files as a result.
- The financial services industry is most concerned about ransomware. Transportation entities are least concerned. Fifty-four percent of firms in the financial services industry are concerned or extremely concerned about ransomware. Meanwhile, only 26 percent of transportation entities are this concerned about ransomware.
- Current investments in technology might not be enough. Over one-third of SMBs claim to have been running anti-ransomware technologies, while about one-third of businesses surveyed still experienced a ransomware attack.
“It’s clear from these findings that there is widespread awareness of the threat of ransomware among businesses, but many are not yet confident in their ability to deal with it,” said Adam Kujawa, Director of Malware Intelligence, Malwarebytes. “Companies of all sizes need to remain vigilant and continue to place a higher priority on protecting themselves against ransomware.”