Date: 2021-08-13

Ransomware attacks on large enterprises like Colonial Pipeline dominate the headlines. But did you know small and medium-size businesses (SMBs) account for at least half of all ransomware attacks, if not closer to two-thirds, according to the U.S. Department of Homeland Security?[1] In fact, ransomware is the most common cyberthreat that SMBs face.[2]

Before we get into why SMBs are prime targets for attacks, it’s important to understand who these cyberattackers are, how they operate, and why they’re a major threat to your business today.

What it is. Ransomware is a type of malware that encrypts a victim’s computers, blocking use of the device and all access to their data. Cyberattackers essentially act as hijackers, demanding a ransom payment in exchange for the encryption key to unlock the data.

What it costs. The average ransomware breach cost $4.4 million in 2020.[3] Beyond the cost of paying a ransom, the total cost of an attack can include revenue, profit, and productivity loss; costs associated with discovery, forensic investigation, containment, recovery, and costly insurance premiums; and, finally, reputational damage and lost market share.

Why attacks are increasing. In 2020, most businesses had to accelerate their digital transformation plans to enable the majority of employees to work from home. This rushed approach inevitably left infrastructures and endpoints vulnerable to cyberattacks. In addition, as businesses continue to move more people, systems, and assets to the cloud, the attack surface for cybercriminals will continue to grow at an astounding rate.

Why Cyberattackers Target SMBs

First, it comes down to sheer numbers: SMBs are the heart of most economies, accounting for 90% of businesses worldwide and representing over 50% of employment.[4] Unlike enterprises, most SMBs don’t have sophisticated intrusion detection and intrusion prevention tools or offer formal cybersecurity training to employees. Despite the rise of attacks, research shows 25% of SMBs have no plans in place to mitigate ransomware attacks, and around 30% claim that they don’t have enough time to look for ransomware solutions.[5] And finally, SMBs are more likely to pay the ransom than enterprises.

SMBs Need to Take Immediate Action to Mitigate Risk

The consequences of a ransomware attack on SMBs reach far beyond revenue or reputation. In 2020, the downtime costs resulting from ransomware were about 50x more expensive than the ransom itself. And an estimated 60% of small businesses fail within six months of a ransomware attack.[6]

The recent Kaseya ransomware attack, which affected between 800 and 1,500 small businesses, had the potential to touch 800,000 to 1 million small businesses around the world.[7] The attack was a clear signal to SMBs that it’s no longer a matter of “if” they will be attacked, but “when.”

Now we’ll discuss specific steps your business can take to prevent and respond to attacks, and why today’s SMBs should take a layered approach to security.

How SMBs Can Outsmart and Outplay Ransomware Attackers

Ransomware cybercriminals are just getting started. Market trends and predictions reveal that ransomware is the fastest growing type of cybercrime, expected to attack a business, consumer, or device every 2 seconds by 2031.[8] Cyberattackers are growing more sophisticated and dangerous, with many now threatening to publish the data or even sell it on the dark web and other sites if their ransom isn’t met.

Enterprising cybercriminals have started exploring ransomware-as-a-service, a subscription-based model that enables less tech-savvy affiliates to use already-developed ransomware tools. This business model is expected to flourish, opening the floodgates for more attacks on SMBs.

Prevention and Response Strategies for SMBs

When a ransomware attack does happen, it’s imperative that you have a strategic, well-communicated response plan in place and ready to execute. Rapid action taken by IT, employees, executives, and others is critical to capturing, shutting down, and removing the malware as quickly as possible.

Make Prevention a Priority

Make your business a tougher target for cyberattackers to hit. Here are a few best practices to help keep you one step ahead of cybercriminals:

Keep your antivirus software up to date

Educate yourself and your employees with cybersecurity awareness

Be wary of pop-up installation requirements

Think twice before clicking on links

Don’t download apps from unknown sources

Back up all important files from your device

Update your apps and operating systems

Create an incident response plan

Layer Your Approach to Security

Because ransomware attackers can breach your organization through numerous vectors such as email spam, phishing attacks, or malicious web downloads, SMBs need layered security protection across their endpoints, gateway, and mail servers. Avast Business security services work together to protect your devices, data, applications, and networks. Here’s what layered security looks like:

Protect your endpoints with Avast Business Next-Gen Antivirus and Avast Patch Management

Protect your employees, data and assets with Avast Behavior Shields for web, file, and email

Back up and recover your data with Avast Business Cloud Backup

Secure your network for a digital world with Avast Business Secure Internet Gateway and Secure Web Gateway

To learn more about ransomware attacks, the impact to B2Bs, and what you can do to prevent, respond and mitigate risk, download our new white paper “Everything SMBs Need to Know About Ransomware in 2021: Balance prevention, defense, and recovery strategies to protect your business.”

