One in four SMBs has been hit with ransomware

Ransomware attack on a computer
(Image credit: Kaspersky)

A significant numbers small and medium-sized businesses have suffered a ransomware attack in the past 12 months, new stats from cybersecurity experts Avast are showing. 

The company recently polled 1,000 SMBs and found 26% having fallen victim to the dreaded cybercrime. Of that number, almost half (47%) decided to pay the ransom demand in order to get their data, and access to their endpoints, back. 

Despite paying the demands, the fallout is still painful - four in ten (41%) lost valuable data in the process, while a third (34%) lost access to their devices. 

Backing up sensitive data

The silver lining in the report is that awareness about cybersecurity is relatively high. Roughly half (48%) of the surveyed businesses perceive cyberattacks as their biggest threats, followed by physical security (35%) and supply chain issues (33%). Most firms (69%) believe they have enough information to protect themselves against such attacks, and 76% said they have already “taken measures” in that respect. Although, they’d love to get more support from the government. 

Backing up data seems to be on top of everyone’s agenda, as 63% of the surveyed firms do it at least once a week.

Avast also asked the respondents about the effects of the Russo-Ukrainian war on cybersecurity, and got quite interesting results. 

As it turns out, the war acted as a proper catalyst for cyber-warfare, with 68% of SMBs now being more concerned about cyberattacks than before the invasion. In fact, they got so worried about cybersecurity that they upped their spending on cyber-insurance, despite rising costs across the board. 

“The results from this survey highlight the problem, particularly in connection with ransomware which large portions of the small business population are ill-equipped to handle. They often wind-up paying ransoms without any guarantees they’ll get their data back. This is the saddest situation, but the good news is that unlike larger organisations, small businesses can be quick, agile and take advantage of a lack of bureaucracy to plan ahead before a crisis occurs,” comments Lindsey Pyle, Vice President of Strategy at Avast Business. 

“SMBs need to utilise these strengths to get prepared and to get a plan in place, which at the bare minimum should include implementing online and offline backups, installing an antivirus, setting up network monitoring and ensuring an automated patching regime is established.”

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.