Report: Half of ransomware's SMB victims pay up

Forty-eight percent of the SMBs surveyed paid a ransom

More than 50 percent of small and midsized businesses have fallen victim to ransomware, and of those, 48 percent paid a ransom, according to a survey released today by Ponemon Institute and Carbonite.

The average company had four ransomware attacks last year, paid an average ransom of $2,500 per incident, and spent 42 hours dealing with the attack.

"We're nowhere near the end of the ransomware threat," said Norman Guadagno, chief evangelist at Carbonite, which provides continuous automated cloud backup services.

Of those who did not pay up, 42 percent said that having a full and accurate backup was the reason.

And only 13 percent said their preparedness to prevent ransomware was "high."

"People say, 'I know I should back up, have anti-virus, use strong passwords' -- but they don't do it," said Guadagno.

Only 46 percent of respondents said that prevention of ransomware attacks was a high priority for their company.

One reason could be that they don't think the hackers will bother with them.

According to the report, 57 percent of respondents said that their companies were too small to be a target of ransomware.

"Every business is potentially a target," he said. "If you have a computer, you're a target."

And if companies believe that the ransomware will get into their backups, making them useless, that's not true either, said Guadagno.

"Once you find out you have a ransomware infection, our team rolls back to before the point where you had the infection," he said.

If the file containing the ransomware malware was also backed up, that file is encrypted and inert, he said, and can't spread while it is stored in the cloud.

And there are processes in place to catch it so that it doesn't get restored when the infected system is cleaned out.

"Our tech support teams get all the latest tools and ensure that you're downloading a clean backup," he said.

There hasn't been a case yet of a customer getting reinfected from a bad backup, he said.

"I'm not saying that it's not a constant battle between us and them," he added. "But we feel very confident -- we've helped more than 10,000 over the past two years get their data back safely."

However, losing access to their data wasn't the only potential consequence of a ransomware attack, and that is where backups fall short.

According to the survey, 55 percent of companies said they thought it was either likely or certain that the ransomware also exfiltrated data from the infected device.

"That was a stunning statistic," he said.

Businesses should not only have anti-virus in place to keep ransomware from getting in, but also train their employees to spot potential attacks.

According to the survey, only 29 percent of respondents said they were confident that their employees could detect risky links or sites.

It just goes to show that you can't even trust cybercriminals these days.

"The criminals might be saying, 'Yup, we encrypted it, pay us, you'll get it back, and everyone is happy'," Guadagno said. "But they could also be poking through the data, looking for valuable information, and exfiltrating it. It could be that the criminals are not telling us the truth."

Stories by Maria Korolov
