If you hear about ransomware attacks in the news, you may believe that they only occur in large companies. But small businesses actually bear the brunt of the attacks, and there are many reasons why.
Ransomware is a type of malware which infects and encrypts computer files, then demands payment from the owner of the data to unencrypt them. It is a growing threat, and a thriving industry.
However, the majority of ransomware attacks target small businesses, rather than large organisations. Data from Beazley reports that up to 71% of ransomware attacks are on small-to-medium businesses.
Why smaller businesses?
From a hacker’s point of view, there are a number of reasons why a small business could be a more profitable target. While the ransom won’t be as much as it could be from a larger organisation, the likelihood of them receiving any money at all for the hack is significantly higher.
Small businesses are less likely to have effective cyber security practices in place. In a high-intensity start-up environment, routine cyber security practices such as keeping programs and operating systems up to date, or maintaining reliable antivirus can fall by the wayside. Many small business owners believe that a smaller pool of staff has fewer points of weakness, so there is less chance of a breach. However, you are only as strong as your weakest link – if one person shows a vulnerability, the whole business is at risk.
As well as this, the primary purpose of ransomware is to convince a business to pay the ransom. A large company will likely have the resources to mitigate the effects of the hack without paying the ransom – they have access to a dedicated IT team, and specialists who can recover the data. They can also employ a legal team to assist in compensating customers and pursuing the hackers.
In contrast, smaller companies don’t have access to sufficient resources to effectively recover their data, and due to small business owners being far more personally invested in their company, they may be more likely to impulsively pay the ransom to prevent the loss.
What are the risks?
Despite larger organisations being responsible for vastly larger amounts of data than small businesses, the latter stand to lose much more in the event of a cyber attack. Companies in the midst of establishing themselves could find their reputation gone following a cyber security breach, and that can be difficult to recover from. Malwarebytes reports that 1 in 5 small businesses affected by a ransomware attack had to immediately cease operations.
Large companies are able to deal with a loss of reputation more effectively, primarily because only a small portion of their customer base was affected. Those customers can be compensated, and other customers can continue to use the services. However, reputation is difficult to build, and small businesses could find their entire customer base infected by a ransomware attack. It is therefore far less likely that a small business will keep gaining new customers following a breach.
What can you do about it?
The most straightforward way to minimise the impact of ransomware attacks is to prevent them before they happen. Keeping operating systems and antivirus software up-to-date can be a hassle, but each new version includes important security patches to close holes in your systems. Vulnerabilities in older versions are one of the most common ways a hacker is able to get into your system – when the NHS was afflicted by ransomware in 2017, it was largely due to the fact that many machines were still running Windows XP, which had long become obsolete.
Although your systems may all be up-to-date, it’s always worth getting a backup solution in place for your data. If the worst does happen, having your data duplicated somewhere else can prevent you from truly losing it. To recover, rather than needing to pay the hackers to unencrypt the files, simply improve your system security and restore from your backups to get your files back.
However, there are occurrences where your backups may also be targeted by a ransomware attack, in order to truly leave you without your data. To avoid this, some backup solutions provide ransomware protection, such as our Cyber Protect solution. It has AI-based protection which will automatically protect backup data and the backup agent itself upon detecting an attack. After taking all of the preventative precautions you can, backing up your data with an intelligent system is the only way to go.
