One in four SMBs has been hit with ransomware

Ransomware attack on a computer
(Image credit: Kaspersky)

A significant numbers small and medium-sized businesses have suffered a ransomware attack in the past 12 months, new stats from cybersecurity experts Avast are showing. 

The company recently polled 1,000 SMBs and found 26% having fallen victim to the dreaded cybercrime. Of that number, almost half (47%) decided to pay the ransom demand in order to get their data, and access to their endpoints, back. 

Despite paying the demands, the fallout is still painful - four in ten (41%) lost valuable data in the process, while a third (34%) lost access to their devices. 

Backing up sensitive data

The silver lining in the report is that awareness about cybersecurity is relatively high. Roughly half (48%) of the surveyed businesses perceive cyberattacks as their biggest threats, followed by physical security (35%) and supply chain issues (33%). Most firms (69%) believe they have enough information to protect themselves against such attacks, and 76% said they have already “taken measures” in that respect. Although, they’d love to get more support from the government. 

Backing up data seems to be on top of everyone’s agenda, as 63% of the surveyed firms do it at least once a week.

Avast also asked the respondents about the effects of the Russo-Ukrainian war on cybersecurity, and got quite interesting results. 

As it turns out, the war acted as a proper catalyst for cyber-warfare, with 68% of SMBs now being more concerned about cyberattacks than before the invasion. In fact, they got so worried about cybersecurity that they upped their spending on cyber-insurance, despite rising costs across the board. 

“The results from this survey highlight the problem, particularly in connection with ransomware which large portions of the small business population are ill-equipped to handle. They often wind-up paying ransoms without any guarantees they’ll get their data back. This is the saddest situation, but the good news is that unlike larger organisations, small businesses can be quick, agile and take advantage of a lack of bureaucracy to plan ahead before a crisis occurs,” comments Lindsey Pyle, Vice President of Strategy at Avast Business. 

“SMBs need to utilise these strengths to get prepared and to get a plan in place, which at the bare minimum should include implementing online and offline backups, installing an antivirus, setting up network monitoring and ensuring an automated patching regime is established.”

TOPICS

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Bad news - businesses who pay ransomware attackers aren’t very likely to get their data back
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Less than half of ransomware incidents end in payment - but you should still be on your guard
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
More reports claim 2024 was the worst year for ransomware attacks yet
A computer being guarded by cybersecurity.
The impact of the cyber insurance industry in resilience against ransomware
Ransomware attack on a computer
Ransomware attacks surged in 2024 as hackers looked to strike faster than ever
Representational image of a cybercriminal
Should ransomware payments be illegal?
Latest in Security
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple routers hit by new critical severity remote command injection vulnerability, with no fix in sight
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Latest in News
DeepSeek
Deepseek’s new AI is smarter, faster, cheaper, and a real rival to OpenAI's models
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
An aerial view of an Instavolt Superhub for charging electric vehicles
Forget gas stations – EV charging Superhubs are using solar power to solve the most annoying thing about electric motoring