SHARE THIS ARTICLE







New Global Research: Ransomware attacks caused 22 percent of infected small and medium-sized organizations to cease business operations immediately

Ransomware Attack Downtime, Not Ransom Demand, is the Business Killer

SANTA CLARA, Calif. – July 27, 2017 – Malwarebytes™, the leading advanced malware prevention and remediation solution, released its “Second Annual State of Ransomware Report” today. The multi-country study surveyed 1,054 companies with no more than 1,000 employees across North America, France, U.K., Germany, Australia, and Singapore. The report, conducted by Osterman Research, explores ransomware attack frequency, impacts of attacks in SMB environments, costs of attacks, attitudes towards ransom payments, preparedness and more. Survey results found that more than one-third of businesses have experienced a ransomware attack in the last year. Twenty-two percent of these impacted businesses had to cease operations immediately.

“Businesses of all sizes are increasingly at risk for ransomware attacks,” said Marcin Kleczynski, CEO, Malwarebytes. “However, the stakes of a single attack for a small business are far different from the stakes of a single attack for a large enterprise. Osterman’s findings demonstrate that SMBs are suffering in the wake of attacks, to the point where they must cease business operations. To make matters worse, most of them lack the confidence in their ability to stop an attack, despite significant investments in defensive technologies. To be effective, the security community must thoroughly understand the battles that these companies are facing, so we can better protect them.”

“Second Annual State of Ransomware Report” top findings include:

The impact of ransomware on SMBs can be devastating. For roughly one in six impacted organizations, a ransomware infection caused 25 or more hours of downtime, with some organizations reporting that it caused systems to be down for more than 100 hours. Further, among SMBs that experienced a ransomware attack, 22 percent reported that they had to cease business operations immediately, and 15 percent lost revenue.

For roughly one in six impacted organizations, a ransomware infection caused 25 or more hours of downtime, with some organizations reporting that it caused systems to be down for more than 100 hours. Further, among SMBs that experienced a ransomware attack, 22 percent reported that they had to cease business operations immediately, and 15 percent lost revenue. Most organizations make addressing ransomware a high priority, but still lack confidence in their ability to deal with it. Seventy-five percent of organizations surveyed place a high or very high priority on addressing the ransomware problem. Despite these investments, nearly one-half of the organizations surveyed expressed little to only moderate confidence in their ability to stop a ransomware attack.

Seventy-five percent of organizations surveyed place a high or very high priority on addressing the ransomware problem. Despite these investments, nearly one-half of the organizations surveyed expressed little to only moderate confidence in their ability to stop a ransomware attack. For many, the source of ransomware is unknown and infections spread quickly. For 27 percent of organizations that suffered a ransomware infection, decision makers could not identify how the endpoint(s) became infected. Further, more than one-third of ransomware infections spread to other devices. For two percent of organizations surveyed, the ransomware infection impacted every device on the network.

For 27 percent of organizations that suffered a ransomware infection, decision makers could not identify how the endpoint(s) became infected. Further, more than one-third of ransomware infections spread to other devices. For two percent of organizations surveyed, the ransomware infection impacted every device on the network. SMBs in the U.S. are being hit harder than SMBs in Europe by malicious emails containing ransomware . The most common source of ransomware infections in U.S.-based organizations was related to email use. Thirty-seven percent of attacks on SMBs in the U.S. were reported as coming from a malicious email attachment and 27 percent were from a malicious link in an email. However, in Europe, only 22 percent of attacks were reported as coming from a malicious email attachment. An equal number were reported as coming from malicious link in an email.

. The most common source of ransomware infections in U.S.-based organizations was related to email use. Thirty-seven percent of attacks on SMBs in the U.S. were reported as coming from a malicious email attachment and 27 percent were from a malicious link in an email. However, in Europe, only 22 percent of attacks were reported as coming from a malicious email attachment. An equal number were reported as coming from malicious link in an email. Most SMBs do not believe in paying ransomware demands. Seventy-two percent of respondents believe that ransomware demands should never be paid. Most of the remaining organizations believe that demands should only be paid if the encrypted data is of value to the organization. Among organizations that chose not to pay cybercriminals’ ransom demands, about one-third lost files as a result.

Seventy-two percent of respondents believe that ransomware demands should never be paid. Most of the remaining organizations believe that demands should only be paid if the encrypted data is of value to the organization. Among organizations that chose not to pay cybercriminals’ ransom demands, about one-third lost files as a result. The financial services industry is most concerned about ransomware. Transportation entities are least concerned. Fifty-four percent of firms in the financial services industry are concerned or extremely concerned about ransomware. Meanwhile, only 26 percent of transportation entities are this concerned about ransomware.

Fifty-four percent of firms in the financial services industry are concerned or extremely concerned about ransomware. Meanwhile, only 26 percent of transportation entities are this concerned about ransomware. Current investments in technology might not be enough. Over one-third of SMBs claim to have been running anti-ransomware technologies, while about one-third of businesses surveyed still experienced a ransomware attack.

“It’s clear from these findings that there is widespread awareness of the threat of ransomware among businesses, but many are not yet confident in their ability to deal with it,” said Adam Kujawa, Director of Malware Intelligence, Malwarebytes. “Companies of all sizes need to remain vigilant and continue to place a higher priority on protecting themselves against ransomware.”

To view the full global “Second Annual State of Ransomware” report for more detailed findings and analysis, visit https://go.malwarebytes.com/OstermanRansomware2017_PRSocial.html.

About Malwarebytes

Malwarebytes is the next-gen cybersecurity company that millions worldwide trust. Malwarebytes proactively protects people and businesses against dangerous threats such as malware, ransomware, and exploits that escape detection by traditional antivirus solutions. The company’s flagship product combines advanced heuristic threat detection with signature-less technologies to detect and stop a cyberattack before damage occurs. More than 10,000 businesses worldwide use, trust, and recommend Malwarebytes. Founded in 2008, the company is headquartered in California, with offices in Europe and Asia, and a global team of threat researchers and security experts. For more information, please visit us at http://www.malwarebytes.com/.

Malwarebytes founder and CEO Marcin Kleczynski started the company to create the best disinfection and protection solutions to combat the world’s most harmful Internet threats. Marcin was recently named “CEO of the Year” in the Global Excellence awards and has been named to the Forbes 30 Under 30 Rising Stars of Enterprise Technology list and the Silicon Valley Business Journal’s 40 Under 40 award, adding those to an Ernst & Young Entrepreneur of the Year Award.

###

Follow us on Facebook: https://www.facebook.com/Malwarebytes

Follow us on Twitter: @malwarebytes https://twitter.com/malwarebytes

Follow us on LinkedIn: https://www.linkedin.com/company/malwarebytes

See us on YouTube: http://www.youtube.com/malwarebytes

Read our latest Malwarebytes Labs blog: https://blog.malwarebytes.com/