Attackers are now targeting small and medium businesses to extort higher fees, a Bitdefender survey shows, meeting the company’s predictions for 2017.
One in five small and medium businesses (SMBs) in the US reported a ransomware attack within the past 12 months, according to a Bitdefender survey of 250 IT pros in the US working in SMBs, carried out by Spiceworks.
Some 38% indicated they paid ransom - $2,423 on average - but most did not recover the encrypted data. Ransomware, a type of malware that locks and usually encrypts a computer’s files until the victim pays to regain access, is the fastest growing malware threat, targeting users of all types—from the home user to the corporate network.
On average, more than 4,000 ransomware attacks have occurred daily since January 1, 2016, a 300-percent increase over the approximately 1,000 attacks per day seen in 2015, according to the U.S. Department of Justice. SMBs are ideal targets for ransomware developers as some do not invest in security solutions, yet they handle sensitive business information (i.e. customer data, financial records, product info), targets that cyber-criminals value most.
Bitdefender’s survey shows that less than half (45%) of the SMBs that paid to regain access to their data after falling victim to ransomware actually got their information back. From those targeted, most were able to mitigate the attack by restoring from backup (65%) or through security software/practices (52%). A quarter of those targeted couldn’t find a solution to address the ransomware attack and lost their data.
Though relatively few organizations have recent experience with ransomware attacks, the threat is alarming. Some 69% of the participating IT pros expressed concern about ransomware, on par with their concerns about phishing (72%), and malware (72%). Nearly half of US SMBs also fear incidents stemming from lost or stolen devices, unintended disclosure / data leak due to human error, hacking, malicious insider data theft, or DoS/DDoS attacks.
On behalf of Bitdefender, Spiceworks surveyed, in February 2017, 250 IT pros in the US working in SMBs.
To stay safe from ransomware, SMBs are strongly encouraged to:
• Use an endpoint security solution
• Patch or update all endpoint software and webservers
• Deploy a backup solution
• Disable files from running in locations such as “AppData/LocalAppData” and deploy policies that restrict users from executing malware
• Limit users from accessing mapped network drives
• Protect email servers with content filtering solutions
• Educate employees on identifying spear-phishing emails and other social engineering techniques.