A survey conducted by Datto, the leading provider of total data protection solutions for businesses around the world, has found that European-based small- to medium-sized businesses (SMBs) are being actively targeted by ransomware attacks. Some 87 percent of the 148 European IT service providers, which were questioned as part of a larger global survey, revealed that their SMB clients had been victimised by ransomware in the twelve months up to September 2016. A shocking 40 percent of survey respondents reported more than half-a-dozen separate attacks during the same time frame. In the United Kingdom alone, ransomware attacks were estimated to have cost businesses approximately ?7.35bn during 2016. The survey suggests that ransomware - which enables hackers to commandeer a company’s data and hold it under password protection until a considerable ransom is paid, usually in bitcoin - is rapidly becoming the weapon of choice for cyber criminals. Despite the widespread nature of these attacks, relatively few European SMBs - just 40 percent of those targeted with ransomware - went on to report these crimes to the authorities.
In a clear indication of ransomware’s growth as a major impediment to business, 27 percent of European respondents replied that they experienced multiple attacks in a single day. Such attacks can cause crippling downtime for businesses; 62 percent of European survey respondents mentioned that a ransomware attack led to business-threatening downtime.
“Ransomware is more than just a nuisance; it’s a major money-making operation backed by professional and well-funded organisations,” said Andrew Stuart, managing director, EMEA at Datto. “It’s fast becoming a massive problem for European SMBs. Our research shows they are experiencing business-threatening downtime as a result of being attacked. More often than not, these firms have deployed anti-virus software and other security measures in order to protect against ransomware, however, hackers are finding it way too easy to circumnavigate these defences.”
According to the survey’s other findings, the average ransom demanded was between ?500 and ?2,000; often a considerable expenditure for a small business with limited resources. Worse still, more than fifteen percent of respondents were subjected to a ransom in excess of ?2,000. Payment of the ransom did not always guarantee the data’s return, with 47 percent of those surveyed claiming they lost some of their hijacked data.
While ransomware affected all industries, the most vulnerable to attacks were the professional services industry, healthcare, and construction and manufacturing.
