It found that about a third of the businesses surveyed had experienced a ransomware attack in the last year. Concern over ransomware varied from a low of 57.7% in Australia to a high of 78.9% in France, with the US second at 74.2%.
Malwarebyte's "Second Annual State of Ransomware Report" covered 1054 companies with less than 1000 employees in North America, France, the UK, Germany, Australia and Singapore and was conducted by Osterman Research.
Kleczynski said the research findings indicated that SMBs were suffering to the point where they had to shut shop.
"To make matters worse, most of them lack the confidence in their ability to stop an attack, despite significant investments in defensive technologies," he said. "To be effective, the security community must thoroughly understand the battles that these companies are facing, so we can better protect them.”
- Ransomware can devastate SMBs. In about one in six affected firms, a ransomware infection caused 25 or more hours of downtime, with some reporting downtime of more than 100 hours. While 22% ceased business operations immediately, another 15% lost money.
- Even though most SMBs (75%) placed a high priority on tackling ransomware attacks, they lacked confidence that they could deal with such incidents.
- Many did not know where the ransomware had come from and thus infections spread swiftly. About 27% were unable to identify how endpoint(s) were infected and in a third of the cases the ransomware spread to other devices. In 2% of cases, every single device in the organisation was infected.
- SMBs in the US were hit harder by malicious emails containing ransomware than their counterparts in Europe. Email was the most common attack vector in the US - 37% came from a malicious attachment and 27% from a malicious link in an email.
- In Europe, 22% of infections came from malicious email attachments and a similar percentage were attacked through malicious links in emails.
- Most SMBs did not believe in paying ransoms, with 72% saying such demands should be ignored. Of the remainder, most said the ransom said be paid only if the data that had been encrypted was irreplaceable. A third of those who did not pay up lost data as a result.
- Concern about ransomware was highest (54%) among the financial services sector, while transportation business entities (26%) were least concerned.
- More than a third of SMBs claimed to have been running anti-ransomware software, yet about a third still experienced attacks.
The US specific part of the survey can be downloaded here.