sb-eu logo
Story image

Small businesses repeatedly falling victim to ransomware - Kaspersky

16 Oct 2018

Small businesses with less than 50 employees can be a lucrative proposition for cybercriminals because of the data they hold on behalf of their clients and employees.

This can fetch a high price if sold or ransomed and can open up new revenue streams for enterprising criminals.

Besides the constant risk of cybersecurity disruption, a study from Kaspersky Lab has revealed that small businesses are also at risk because of their reliance on staff who are inexperienced at cybersecurity.

One-in-three firms this size entrust IT security to employees, who might not have the know-how necessary to protect businesses from prolific threats. 

The Kaspersky Lab report sheds light on how ransomware is impacting them — with findings showing that when these firms fall prey to ransomware, they tend to be victimised again and again.

Indeed, out of those small businesses that have suffered an incident in the past 12 months, many have fallen victim to multiple incidents – with 37% having experienced two or three infections.

This can have a crippling effect on a business because suffering downtime or a lack of access to files for prolonged periods can be extremely damaging.

Out of the ransomware victims surveyed, over a quarter (27%) have lost access to their data for weeks, meaning this issue is constantly putting small firms at risk of inactivity, and therefore loss of income and reputational damage.

Small businesses that are not cybersecurity-savvy are also more likely to pay the ransom requested as soon as possible to try to minimise downtime without knowing if the attacker legitimately has the ability or the intention to restore their business-critical data.

Kaspersky Lab B2B product marketing head Sergey Martsynkyan says, “Ransomware is one of the serious cyber threats faced by businesses today.

“When it strikes, it can have huge ramifications, no matter what size the business is. However, very small firms are particularly vulnerable to multiple incidents.

“One of the reasons for this may be that at many small businesses, the IT provision is managed by people that perhaps don’t know how to best avert the dangers – they simply don’t have the time or IT skills to cope with the threats”.

There are solutions in the market that can help businesses to protect themselves from the risk of ransomware and more.

Story image
Research: 61% of companies have suffered an insider attack in last 12 months
It comes as rapid migration to cloud and remote working and BYOD scenarios leave organisations increasingly vulnerable to insider attacks as a result of the upheaval caused by the COVID-19 pandemic.More
Story image
Yubico launches latest YubiKey with NFC & USB-C support
Yubico has released a new hardware authentication key, designed to provide security through both near-field communication (NFC) and USB-C connections and smart card support.More
Story image
Proofpoint enhances security awareness training platform
Available in Q4 2020, the platform will integrate more closely with Proofpoint’s best-in-class threat intelligence.More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
High-tech heist: why fending off ransomware attacks is more challenging than ever in 2020
The COVID-19 crisis has unleashed a wave of sophisticated and disruptive ransomware attacks, and the onus is on businesses to ramp up their security measures if they’re to avoid falling victim, writes Attivo Networks regional director for A/NZ Jim Cook.More
Story image
How security awareness training can safeguard companies from cyber-attacks
Training goes a long way in embedding a culture of cybersecurity compliance within the company.More