Ransomware Victims Find Lost Productivity a Bigger Issue Than Payment Demands
Sydney – August 1, 2017 – Malwarebytes™, the leading advanced malware prevention and remediation solution has released its “Second Annual State of Ransomware Report”. The multi-country study surveyed 1,054 companies with no more than 1,000 employees across North America, France, U.K., Germany, Australia, and Singapore. The report, conducted by Osterman Research, explores ransomware attack frequency, impacts of attacks in SMB environments, costs of attacks, attitudes towards ransom payments, preparedness and more.
Survey results found that more than one-third of businesses have experienced a ransomware attack in the last year. Twenty-two percent of these impacted businesses had to cease operations immediately.
“Businesses of all sizes are increasingly at risk for ransomware attacks,” said Marcin Kleczynski, CEO, Malwarebytes. “However, the stakes of a single attack for a small business are far different from the stakes of a single attack for a large enterprise. Osterman’s findings demonstrate that SMBs are suffering in the wake of attacks to the point where they must shut down operations. To make matters worse, most of them lack the confidence in their ability to stop an attack, despite significant investments in defensive technologies. To be effective, the security community must thoroughly understand the battles that these companies are facing, so we can better protect them.”
“Second Annual State of Ransomware Report” top Australian findings include:
- Financial demands are usually low. Australian businesses that fall victim to ransomware attacks suffer more financial pain from disruption to operations than they do from the payments demanded by the attackers. Of the 175 Australian SMBs surveyed, 81 percent of those who had experienced a ransomware attack faced demands of US $1000 or less. Just four percent faced demands for more than US$ 10,000 and none had demands for payments of more than US$ 50,000.
- Disruption a larger problem. Twenty-two percent of Australian businesses that had suffered a ransomware attack had to cease operations immediately and 18 percent reported they had lost revenue as a result. This was higher than the global average of 15 percent. Of the affected firms, 71 percent said the infection caused nine or more hours of downtime, with 20 percent admitting their systems had been down for up to 100 hours. This was twice the global average recorded by the survey.
- To pay or not to pay. Among Australian respondents to the survey who had experienced an attack, more than half (55 percent) confirmed they did not make any payment. Of those opting to pay, 40 percent said they lost data files as a result of the decision. The survey found payment decisions varied by geography with just 16 percent of French and 17 percent of German businesses opting to part with money. However 21 percent of United States and 43 percent of British-based SMBs decided to do so.
- The source of the problem. When it comes to identifying where a ransomware attack originated, more than a third (31 percent) of Australian businesses surveyed admitted they did not know. Of those that could identify the source, 22 percent said it had been a malicious link in an email while a further 18 percent pointed to an infected email attachment.
- The spread of infection. Once an infection had occurred, many respondents found the attack quickly spread to other points on their networks. The survey found more than half (55 percent) had up to a quarter of their endpoints infected while a further 15 percent had between 26 percent and 50 percent infected. In four percent of cases infection levels reached as high as 99 percent.
"These results confirm the key problem with ransomware is not the ransom demand itself but the wider impact that an attack has on a targeted business," said Jim Cook, ANZ Regional Director, Malwarebytes. "The disabling of critical systems has a flow-on effect for everything from production and sales to customer service and support.
"They also demonstrate the reluctance of Australian businesses to yield to the demands of the criminals. Most clearly believe that they are better off to deal with any resulting fallout and get on with their daily activities."
The research found Australian businesses have tended to deploy a range of solutions to address the ransomware threat, either before an attack had occurred or after one had been suffered. Solutions deployed include regular data backups, traditional email security solutions, and network segmentation. Some have also deployed ransomware-specific solutions, either on-premises or in the cloud.
However, unfortunately, the results indicate that more needs to be done to combat the challenge. While more than one in three small and mid-sized businesses in Australia confirmed they are running anti-ransomware technologies, 31 percent still experienced an attack.
"Ransomware is showing no sign of abating, and so Australian businesses must give more attention to what is a potentially disruptive and costly threat," said Cook. "By educating staff about the threat, deploying appropriate tools, and undertaking regular backups, businesses can ensure they are best placed to withstand an attack when it occurs."
Malwarebytes is the next-gen cybersecurity company that millions worldwide trust. Malwarebytes proactively protects people and businesses against dangerous threats such as malware, ransomware, and exploits that escape detection by traditional antivirus solutions. The company’s flagship product combines advanced heuristic threat detection with signature-less technologies to detect and stop a cyberattack before damage occurs. More than 10,000 businesses worldwide use, trust, and recommend Malwarebytes. Founded in 2008, the company is headquartered in California, with offices in Europe and Asia, and a global team of threat researchers and security experts. For more information, please visit us at http://www.malwarebytes.com/.
Malwarebytes founder and CEO Marcin Kleczynski started the company to create the best disinfection and protection solutions to combat the world’s most harmful Internet threats. Marcin was recently named “CEO of the Year” in the Global Excellence awards and has been named to the Forbes 30 Under 30 Rising Stars of Enterprise Technology list and the Silicon Valley Business Journal’s 40 Under 40 award, adding those to an Ernst & Young Entrepreneur of the Year Award.