It’s no secret that the scope and severity of ransomware attacks are on the rise. Yet, what often flies under the radar of small and medium-size businesses (SMBs) is that the target is not only larger enterprises.

An overwhelming 85% of managed service providers (MSPs) report attacks against SMBs. Yet, remarkably, only 28% of SMBs are concerned about ransomware. Although demands may not hit the multi-million dollar levels that large organizations encounter, an attack can result in an extortion attempt reaching tens of thousands of dollars or more.

Webroot’s report, The Hidden Costs of Ransomware, found that:

- 50% of attacks resulted in ransomware demands exceeding $50,000
- 40% of these attacks required more than 8 man-hours to address (typically at a cost of $100 to $250 per hour)
- 46% said the attack affected their customers

To be sure, the results can be dire for an SMB. The costs and loss of customers can significantly hurt a small or midsize company — especially on top of COVID-19-related challenges they’re already trying to manage.

Methods Evolve

Unfortunately, the ransomware we’re seeing today is far more sophisticated than what appeared only a few years ago. For one thing, the malware itself is sneakier and more difficult to detect. Phishing methods, including emails and links, often look like authentic messages. Once activated, the malware may hide in memory, or different versions of malware may lurk in various hidden folders and systems along with backup sets.

Another concern: Ransomware-as-a-service has gone mainstream. It’s now possible for individuals with limited technical expertise to download packages from the Dark Web and deploy them within minutes.

Finally, professional ransomware gangs have altered their tactics. They’re not only encrypting files and demanding a ransom. They’re also exfiltrating sensitive data and demanding a ransom to avoid going public with the information.
In many cases, these cybercriminals thoroughly research a company and pick targets and prices based on what they believe an organization can actually pay.

Businesses that aren’t adequately prepared face a conundrum: Pay the attackers and hope that they will decrypt files and not release sensitive information, or don’t pay and suffer the consequences. Yet, even if an SMB pays the ransom, Webroot has found that about 17% of those that coughed up the money for a ransom still didn’t get their data back.

Getting Defensive

SMBs must start with the recognition that it’s not a question whether your organization will be attacked, but rather when an attack will occur.

As a result, a defense-in-depth strategy is essential. Key components include malware protection, digital rights management (DRM) and encryption, security tools such as VPNs and endpoint protection, DNS security that can detect risky websites, and authentication solutions, including multi-factor authentication (MFA). The latter can stop thieves even if they steal a password.

It’s also critical to install patches consistently and have multiple backups in place, typically in different places and disconnected from one another. Today’s malware targets backups—so you’re not safe with a single set.

However, perhaps the most important component is employee education and training. The latest 2021 Verizon Data Breach Report (the largest and most reliable assessment of breaches) has found that 85% of breaches involved a human element like phishing, pretexting or some other human error or social engineering.

Find an excellent MSP that not only understands technologies, but also knows how to layer them and build a proactive cybersecurity strategy. Focus on employee training. Have a response and recovery plan in place if you wind up getting hit.
Finally, make sure your backups and recovery are resilient enough that you never have to pay the ransom, because there is a 17% chance you’d pay and not get the data back anyway!

For more information, visit Webroot.