A new report from Malwarebytes contains a trove of data on SMBs and ransomware, and the numbers reveal lots of downtime and a lack of best practices.
A new report (registration required) from Malwarebytes has revealed how devastating ransomware can be for small and medium businesses—35% were hit by ransomware in the past 12 months, and one in six of those experienced more than 25 hours of downtime.
A day or more of downtime can be devastating for a small business that depends on its computers to accomplish work. The financial demand of ransomware may not be high (50% were less than $1,000), but when 22% of businesses have to completely cease operation to purge their systems it's bound to cost much more than the price the attacker demands.
To make matters worse, Malwarebytes found that SMBs aren't being as effective as they could be in preventing attacks.
The ransomware fallout
Productivity loss is the name of the game when it comes to ransomware infections. The actual infection rates for malware are comparatively low when contrasted with other attacks or breaches, but for those affected, the costs are great.
SEE: Ransomware: The smart person's guide (TechRepublic)
A quarter of those surveyed said they experienced one to eight hours of downtime during their most serious ransomware attack, 57% experienced at least 9 hours of downtime, and 43% were down in excess of 17 hours.
That's a lot of downtime.
Only 12% reported lost revenue due to a ransomware attack, but don't think of an attack just in terms of lost income—think of all the resources that have to be devoted to cleaning it up.
The real concern: How SMBs are (not) fighting ransomware
Only one-third of businesses surveyed said they were running anti-ransomware software, which is a problem when considered alongside another finding: The majority of SMBs think technology is the most effective way to stop ransomware.
Add to that the source of 64% of ransomware—an email attachment or email link—and you have a recipe for disaster.
When more than half of ransomware infections occur due to human error it's unlikely that adding more technology to the mix will solve the problem. Rather, user education is a key part of preventing more infections, lost data, and downtime.
SEE: The Four Volume Cyber Security Bundle (TechRepublic Academy)
20% of SMBs aren't providing security awareness training for their employees though, and that's a problem. Coincidentally, that figure lines up perfectly with the fact that 80% of respondents say addressing the growing ransomware threat is a high priority.
Are you doing all you can to stop ransomware?
IT professionals need to lead from the front when it comes to fighting ransomware. That means not only putting security software in place that can catch ransomware before it spreads, but also teaching users how to spot phishing attempts and other suspicious activity.
There isn't an "if" when it comes to ransomware attacks. Sooner or later you'll find your organization in that 35%. Taking the proper precautions now will save a lot of headaches, overtime, and lost revenue in the future.
Want to use this data in your next business presentation? Feel free to copy and paste these top takeaways into your next slideshow.
- Only 35% of businesses were hit by ransomware in the past 12 months, but 22% had to cease operations immediately to address the problem. That means 62% of those hit by ransomware had to cease all operations to fix it.
- 64% of all ransomware attacks come from phishing emails. Users must be trained to recognize suspicious messages and to alert IT right away.
- 57% of ransomware attacks resulted in at least 9 hours of downtime, and 43% lasted in excess of 17 hours.
- Worried about ransomware? Here are 3 things IT leaders need to know before the next big outbreak (TechRepublic)
- No More Ransom project helps thousands of ransomware victims (ZDNET)
- How the GoldenEye/Petya ransomware attack reveals the sorry state of cybersecurity (TechRepublic)
- Ransomware attacks are getting easier, and the targets are getting bigger (ZDNET)
- Ransomware attacks: Here's what we need to learn from WannaCry and Petya (TechRepublic)