KnowBe4 Security Awareness Training Blog

Half of SMBs Will Pay the Ransom in a Ransomware Attack

Written by Stu Sjouwerman | May 12, 2019 11:43:12 AM

Despite the ability to properly protect against ransomware attacks, the latest data from AppRiver shows SMBs simply aren’t prepared to respond, and will, instead, pay up.

Ransomware is increasing at an alarming rate and, from the looks of it, SMBs simply aren’t prepared. According to AppRiver’s 2019 Cyberthreat Index for Business Survey Report, three-quarters of SMBs believe a successful attack would be harmful to their business, with only 36% believing they can actually survive a successful attack without sustaining short- and long-term business losses.

And rather than prepare with a strong defense and response plan, the data shows the cybercriminals have the upper hand:

  • 55% of all SMBs state they are willing to pay a ransom to recover encrypted data or to prevent it from being shared
  • Of larger SMBs with 150-250 employees, 74% are willing to pay a ransom, with 39% of larger SMBs saying they “definitely would pay ransom at almost any price”

Of the 45% of SMBs stating they are unwilling to pay ransoms, legal, healthcare, and nonprofit industries topped the list.

The AppRiver data shows that, despite the availability of solutions to protect against, detect, and remediate ransomware attacks, SMBs simply aren’t ready. Instead, SMBs should arm themselves with a simple, yet effective, strategy:

  • Backup – Having backed-up copies of any impacted data nullifies the need to pay the ransom.
  • Protect – Put email and web scanning in place, along with endpoint protection to keep malware from getting to the user.
  • Train – Educate users with Security Awareness Training to ensure that, should the user interact with malicious content in email or on the web, they are more likely to spot it and not be the next victim of a ransomware attack.

Free Ransomware Simulator Tool

How vulnerable is your network to a ransomware attack?

Bad guys are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 13 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransomware-simulator