Supply chain vulnerabilities are facilitating a surge in ransomware


New research has claimed that nearly two thirds (62%) of SMBs have been impacted by a ransomware attack that originated through software supply chain vulnerabilities.

The report from OpenText notes this is creating apprehension among businesses, as 90% plan to increase collaboration with software suppliers to try to bolster their security practices.

Weaknesses in supply chains are a significant worry for SMBs, with 91% of respondents concerned about ransomware attacks on their organization’s downstream software supply chain or third-party and connected partners - with nearly half (49%) concerned enough to consider vendor changes.

AI in ransomware

Ransomware remains a serious issue for businesses, with 48% of respondents experiencing an attack, and 73% of those being hit within the last year. This affects SMBs more than large enterprises, but only by a small margin, with 76% of SMBs experiencing a ransomware attack in the past year, versus 70% of large enterprises.

Recovery after an attack is a mixed bag. The positive news is that 97% of respondents successfully restored their company’s data, but 46% paid the ransom to do so. The average ransom is rising too, with 31% of those surveyed paying over $1 million.

Research suggests attacks have as much as doubled thanks to AI, and this is reflected in anxieties from SMBs. Over half of all respondents (55%) reported that their company is now more at risk of ransomware thanks to the increased use of AI by threat actors, and 45% have already seen an increase in phishing attacks thanks to AI.

AI is increasingly being used in both cyberattacks and cyberdefence - with the landscape rapidly evolving to accommodate new technologies. AI tools are equipping cybercriminals with new capabilities and methods, making it more difficult for spam filters and antivirus to detect nefarious actors.


Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.
