Cybercriminals are finding businesses to be a reliable stream of income for ransomware, and small companies are especially vulnerable.
An IBM Security study released on Wednesday found that 70 percent of ransomware-infected businesses have paid their cyber attackers. Half of those payments were more than $10,000. More than half of the business respondents indicated that they are willing to pay ransom.
The study concluded that while small businesses are targeted less frequently than medium-size ones (29 percent vs 57 percent), small businesses are far more vulnerable. Only 30 percent of the small ones give their workers security training, as opposed to 58 percent for larger companies.
Infected consumers were less likely to pay than businesses, with half (50 percent) of consumers saying they paid the ransom.
Limor Kessem, IBM Security’s executive security advisor, says the report indicates that cybercriminals have “no boundaries when it comes to their targets.”
“The digitization of memories, financial information and trade secrets require a renewed vigilance to protect it from extortion schemes like ransomware,” Kessem said. “Cybercriminals are taking advantage of our reliance on devices and digital data creating pressure points that test our willingness to lose precious memories or financial security.”{ad}
Kessem told Channel Partners that partners have a “tremendous opportunity” to serve end-users in light of the threat.
“First, they need to help raise awareness of the threat. From a technology point-of-view this makes the implementation of cloud backup systems and incident-response plans become even more critical,” she said.
IBM said that the revenue cybercriminals gain from ransomware – that is, encrypting the someone’s data and refusing to give it back if a price is paid – is “growing north of $1 billion” and is expected to grow more. The company recommended that readers back up their data, disable macros, regularly update software and be cautious opening links in emails.
Resilient Systems, a company owned by IBM Security, just introduced a playbook for organizations to learn about ransomware detection and response.
“Fast-moving, sophisticated threats like ransomware require new and actively adaptive response methods,” Resilient CEO John Bruce said.
