Small businesses suffer as ransomware epidemic grows

Posted Sep 22, 2017 by James Walker
Small businesses are suffering from a ransomware epidemic. Firms have paid out a total of over $300 million in the past year, leaving them unable to make investments to develop their business. Recovering from the data loss can be an even greater struggle.
A laptop displays a message demanding payment for unlocking files encrypted by the ransomware attack that spread from Ukraine and Russia
Rob Engelaar, ANP/AFP
Small and medium-sized businesses (SMBs) paid ransomware attackers over $301 million last year, according to Datto's new State of the Channel Ransomware Report. Across the world, around 5 percent of all SMBs were impacted by a ransomware campaign. Datto looked at 1,700 managed service providers to collect the data for its study.
The financial cost is only one of the problems caused by the attacks. Datto found the payments aren't the biggest impact, with firms finding it harder to recover from the subsequent downtime and data loss. 75 percent of the companies hit by an attack said they had to take their service offline afterwards, restricting sales and threatening the future of their company.
Ransomware isn't confined to a single industry or cloud network. Every business is at risk, although the healthcare, finance and manufacturing industries account for the majority of successful attacks.
Security software isn't enough to combat the threat. Attackers can install ransomware using several techniques, ranging from simple email phishing scams to complex network invasions via insecure computers or vulnerable IoT devices.
The established CryptoLocker ransomware strain is still the most popular form of attack. Variants such as CryptoWall and Locky continue to see use too, as well as this year's newcomer WannaCry.
WannaCry infected global business networks over the summer by compromising computers running outdated versions of Windows. While its threat has now been mitigated, WannaCry's still being used by attackers to infiltrate unpatched systems.
Datto's most concerning finding is that the tide of ransomware shows no signs of receding. 97 percent of respondents said they're seeing ransomware attacks more frequently. 99 percent added that they expect ransomware usage to continue to grow over the next two years.
Despite the best efforts of cybersecurity vendors, current antimalware solutions are largely ineffective at stopping opportunistic ransomware campaigns. WannaCry demonstrated how effective ransomware can be, affirming to attackers that it's worth the added complexity over less accomplished forms of malware. With the chance of success still so high, ransomware's evolving into a long-term threat.
There is some hope for the overall landscape though. Datto found the number of firms actually paying the ransom has dropped since last year. In 2017, 35 percent of SMBs said they paid up after being infected, down from 41 percent in 2016.
Cybersecurity experts generally suggest ransom fees should not be paid. They allow the malicious actors to continue operating and offer no guarantee the data will be recovered. 15 percent of SMBs paid up only to find they still couldn't access their files, illustrating the risks of playing into the campaign. Opting not to pay the ransom could force ransomware authors to adopt other attacks, eradicating the current epidemic.