Ransomware crippling SMEs

Ransomware is causing damage to small to medium sized businesses with implications for the banks as many businesses have had to cease their operations over the past year.  

Ransomware uses software such as infected email links to block access to a business’ data and computer system unless a ransom is paid.

According to a report by global cybersecuirty firm Malwarebytes, Australian businesses were higher on average to pay the ransom – 45 per cent compared to 21 per cent in the United States. Such sums were typically small - $1,000 or less, however, the key issue from these attacks was business continuity. 

“While the impact of ransomware can be damaging to small businesses, the ransom demands aren’t the biggest problem– it’s the downtime,” Malwarebytes regional director Jim Cook said. 

Among the SMES that have been impacted, 22 per cent of companies said they had to cease business operations immediately and 18 per cent lost revenue. 

“Our research found that for 24 per cent of impacted businesses, a ransomware infection caused 25 or more hours of downtime, with some SMEs reporting that their systems were down for more than 100 hours,” Cook said.

The frequency of ransomware attacks place a bigger burden on the banks to help their business customers solve the issue and start trading again

In fact, the amount of high levels of ransomware-induced downtime for Australian businesses were higher than the global average of 17 per cent. 

According to Cook, this has a significant implication for banks who often get called upon as part of their cyber outreach programs when issues such as this occur.  

“Not only will this frequency of ransomware attack place a bigger burden on the banks to help their business customers solve the issue and start trading again but it will also lead to a reduction in banking transactions occurring whilst a business re-images its computer fleet.”

For many of these SMEs, the source of ransomware was not known. Among those that could identify the source of the infection, it was most often a malicious link in an email – 22 per cent or a malicious email attachment 18 per cent. 

While most SMEs used email security solutions and backups as their way of preventing or recovering ransomware, most do not yet have anti-ransomware technologies in place. 

According to Malwarebytes, cybersecurity is a bigger industry than the illegal drug trade, worth well over billions of dollars. 

The report surveyed 175 SMEs across a broad range of industries and was conducted in June 2017. 

Upcoming Events
See all upcoming events
Subscribe to receive insights delivered straight to your inbox
Latest news, unbiased expert analysis and insights across banking and finance