SMBs Paid Over $300 Million to Ransomware Attackers in the Past Year

Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  

Approximately $301 million was paid by small and mid-sized businesses (SMBs) to ransomware attackers from Q2 2016 to Q2 2017, according to a recent Datto survey of over 1,700 managed service providers (MSPs) that work with more than 100,000 SMBs worldwide.

Five percent of all SMBs worldwide fell victim to ransomware attacks over the past year. Among those that paid the demanded ransom, 15 percent still never recovered their data.

Still, the data itself often isn't the biggest concern. "The impact of downtime affects SMBs far more than the cost of ransom requests," Datto CTO Robert Gibbons said in a statement.

"Seventy-five percent of MSPs reported having clients who experienced business-threatening downtime as a result of a ransomware attack," Gibbons added.

Anticipating a Surge

Eighty-six percent of MSPs said their small business clients had been victimized by ransomware in the past two years, and 99 percent said they expect the number of ransomware attacks to continue to increase over the next two years.

And while 97 percent of MSPs said ransomware attacks are more frequent this year, less than a third of ransomware attacks were reported to authorities in 2016-2017.

The businesses themselves aren't as concerned, though -- while 90 percent of MSPs said they're "highly concerned" about the business threat of ransomware, only 38 percent of small business clients felt the same way.

"No single defense solution is guaranteed to prevent a ransomware attack," Invenio IT president Dale Shulmistra said in a statement. "The most effective means for business protection from ransomware is a backup and disaster recovery (BDR) solution, followed by cybersecurity training."

Hitting SMBs Hard

A separate Keeper Security survey of more than 1,000 IT profesionals at SMBs found that 51 percent of respondents reported experiencing either a ransomware attack within the past three to 12 months, and 53 percent of those had experienced more than one ransomware attack during that period.

Seventy-nine percent of respondents said the ransomware was delivered via a phishing/social engineering attack.

"Attacks are becoming more costly, with the average cost due to damage or theft of IT assets and infrastructure now exceeding $1 million," Ponemon Institute chairman and founder Dr. Larry Ponemon said in a statement.

"The average cost due to disruption to normal operations also increased to over $1 million compared to the 2016 report," Ponemon added. "One cyber incident could very well put a small company out of business."

Keeping Code Simple

Separately, a recent Carbon Black study of more than 1,000 ransomware samples found that almost 99 percent of ransomware attacks target Microsoft products. "Mac users were virtually untouched by the ransomware samples we researched," the report states. "In fact, we found only a small handful of families targeting MacOS."

In general, the researchers found, ransomware code is less complex than many other forms of malware. "A basic ransomware sample simply needs to traverse folders and encrypt files using standard Windows routines," the report states. "There is very little coding involved to make ransomware, and much of that code can be sourced from other online projects."

In fact, the researchers noted that some ransomware families don't use malware at all, allowing them to bypass traditional defenses. "Characterized by files that would not be detected as malicious by legacy anti-virus, these threats leverage 'trusted' native tools, such as Microsoft's PowerShell, to delete Volume Shadow Copies and encrypt files," the report states.

Submit a Comment

Loading Comments...