Ransomware Attack Downtime, Not Ransom Demand, is the Business Killer
Singapore, – 1 August, 2017 – Malwarebytes™, the leading advanced malware prevention and remediation solution, released its “Second Annual State of Ransomware Report” today. The multi-country study surveyed 1,054 small and medium enterprises (SMEs) across Singapore, France, U.K., Germany, Australia, and North America. The report, conducted by Osterman Research, explores ransomware attack frequency, impacts of attacks in SMB environments, costs of attacks, attitudes towards ransom payments, preparedness and more.
Ransomware is a relatively common problem for SMEs in Singapore, with the research revealing that more than one-third, 35%, of Singapore-based SMEs having experienced a ransomware attack in the last year. Close to a fifth (21%) of those who had been hit by ransomware had to cease all business operations immediately, and 11% lost revenue as a direct result of the attack.
The impact of ransomware is often measured in terms of cash lost through ransomware payments. However, the report finds that downtime caused by ransomware can have a more significant impact on one’s business. The majority of cybercriminals (53%) who strike SMEs in Singapore with ransomware ask for payments of less than USD 1,000. With only 7% asking for sums more than USD 10,000.
It seems that most of the pain incurred from being a ransomware victim can be tied to either the loss of files, with 33% of SMEs who refused to pay the ransom losing access to files as a result, or the downtime that it causes. More than 61% of companies in Singapore hit by ransomware, experienced downtime of more than 9 hours from a single incident of ransomware; the equivalent to a full working day.
It is clear that SMEs in Singapore view ransomware as a major problem, with ransomware ranking as the top security problem for SMEs along with malware infiltration thorugh email; 72% of respondents indicated they are critical problems. This was followed by email phishing (70%) and malware infiltration via web browsing (64%). The bottom three concerns were: insider theft of data (55%), phishing through social media (39%) and the physical theft of laptops and mobile devices (23%).
Despite being a top concern for SMEs in Singapore, only one out of 10 (9%) were confident that they would be able to stop ransomware attacks. Even SMEs who have been hit by ransomware previously are finding it difficult to pinpoint how they were infected, with a third of respondents (30%) indicating they did not know how they were infected. Not knowing how a ransomware infection started, can make removal of malware more difficult, and also makes it hard to determine what the company’s cybersecurity gaps are.
“Businesses of all sizes are increasingly at risk for ransomware attacks,” said Jeff Hurmuses, Managing Director and Area Vice President, APAC, Malwarebytes. “However, the stakes of a single attack for a small business are far different from the stakes of a single attack for a large enterprise. Osterman’s findings demonstrate that SMBs are suffering in the wake of attacks, to the point where they must cease business operations. To make matters worse, most of them lack the confidence in their ability to stop an attack, despite significant investments in defensive technologies. To be effective, the security community must thoroughly understand the battles that these companies are facing, so we can better protect them.”
“Second Annual State of Ransomware Report” top findings for Singapore include:
- The impact of ransomware on SMBs can be devastating. For roughly one in six impacted organizations, a ransomware infection caused 25 or more hours of downtime, with some organizations reporting that it caused systems to be down for more than 100 hours. Further, among SMBs that experienced a ransomware attack, 21% reported that they had to cease business operations immediately, and 11% lost revenue.
- Most organizations make addressing ransomware a high priority, but still lack confidence in their ability to deal with it. Of the Singapore SMEs surveyed, 73% place a high or very high priority on addressing the ransomware problem. Despite these investments, nearly one-half of the organizations surveyed expressed little to only moderate confidence in their ability to stop a ransomware attack.
- For many, the source of ransomware is unknown and infections spread quickly. For 30% of organizations in Singapore that suffered a ransomware infection, decision makers could not identify how the endpoint(s) became infected. Notably, more than 20% of ransomware infections spread to other devices.
- Most SMBs do not believe in paying ransomware demands. 62% of Singapore based respondents believe that ransomware demands should never be paid. Most of the remaining organizations believe that demands should only be paid if the encrypted data is of value to the organization. Among organizations that chose not to pay cybercriminals’ ransom demands, about one-third (33%) lost files as a result.
- Current investments in technology might not be enough. About one-quarter of SMEs in Singapore claim to have been running anti-ransomware technologies. However, 35% of businesses in the country have experienced a ransomware attack.
“It’s clear from these findings that there is widespread awareness of the threat of ransomware among businesses, but many are not yet confident in their ability to deal with it,” said Hurmuses. “Companies of all sizes need to remain vigilant and continue to place a higher priority on protecting themselves against ransomware.”
To view the full global “Second Annual State of Ransomware” report for more detailed findings and analysis, visit link
Also published on Medium.