SME firms battling heightened risk of ransomware attacks
A report has signalled a warning to boutique law firms, revealing that an increased number of ransomware attacks have caused a significant proportion of Australian SMEs to cease business operations immediately.
According to Malwarebytes’ Second Annual State of Ransomware report, ransomware attacks have caused 22 per cent of infected SME Australian organisations to cease operations.
In addition, the survey found that more than one-third of SMEs experienced a ransomware attack in the last year, and 18 per cent reported they lost revenue as a result.
Of the affected firms, the report noted that 71 per cent said the infection caused nine or more hours of downtime, with 20 per cent admitting their systems had been down for up to 100 hours.
“Businesses of all sizes are increasingly at risk for ransomware attacks,” said Marcin Kleczynski, CEO, Malwarebytes.
“However, the stakes of a single attack for a small business are far different from the stakes of a single attack for a large enterprise.
“[The findings demonstrate that SMEs] are suffering in the wake of attacks to the point where they must shut down operations. To make matters worse, most of them lack the confidence in their ability to stop an attack, despite significant investments in defensive technologies.
“To be effective, the security community must thoroughly understand the battles that these companies are facing, so we can better protect them.”
The report also found that when it came to identifying where a ransomware attack originated, more than a third of Australian SME owners admitted they did not know.
Of those that could identify the source, 22 per cent said it had been a malicious link in an email while a further 18 per cent pointed to an infected email attachment, the report said.
Furthermore, the report found that many SMEs were deploying solutions to address ransomware threats, both before an attack occurs and after one had occurred.
Some of the solutions highlighted include regular data backups, traditional email security solutions and network segmentation. In addition, some have also deployed ransomware-specific solutions, either on-premises or in the cloud.
Despite the effort however, the report noted that more still needs to be done with 31 per cent of those deploying solutions still having experienced an attack.
“Ransomware is showing no sign of abating, and so Australian businesses must give more attention to what is a potentially disruptive and costly threat,” said Jim Cook, ANZ Regional Director, Malwarebytes.
“By educating staff about the threat, deploying appropriate tools and undertaking regular backups, businesses can ensure they are best placed to withstand an attack when it occurs.”