More than half (55%) of executives at small-to-medium-sized companies (SMBs) said they would pay a ransom to hackers if it got them their stolen data back, according to an AppRiver report released Thursday. This number increases to 74% for professionals at larger SMBs, who reported they “definitely would pay ransom at almost any price” to either get their data back, or prevent it from getting stolen, the report found.

SEE: Ransomware: What IT pros need to know (free PDF) (TechRepublic)

Ransomware is one of the most popular forms of cyberattack, compelling US companies to pay an average of $57,088 to get their data back, especially as attacks grow more targeted. However, 45% of SMB leaders said they refuse to engage cybercriminals demanding a ransom, the report found. Legal services and nonprofit SMBs, in particular, were the least willing to pay a ransom, regardless of the amount.

The majority (84%) of all SMB executives surveyed said they view social media sites and apps as the largest potential source of cyberthreats, the report said. Respondents said Facebook presents the biggest liability, with 77% saying they are most concerned using Facebook at work.

“Cybersecurity is no longer just a technology issue; it amounts to an off-balance sheet liability being carried by every company that isn’t adequately protected,” David Wagner, CEO of Zix Corporate, said in a press release. “Ransom scenarios, whether initiated through social media apps or any attack vector, have the potential to disrupt or destroy a business overnight.”

Many businesses fall victim to cyber attacks because of the amount of dispersed files they have, the report found. Nearly half (48%) of respondents said they have confidential business files saved across multiple devices, including laptops, tablets, smartphones, and network drives.

While 81% of SMB professionals said they store their confidential data in cloud-based systems, some 44% said they are concerned about the safety of that data in the cloud.

For advice on how SMBs can minimize the damage of ransomware attacks, check out this TechRepublic article.