Supply chain vulnerabilities are facilitating a surge in ransomware

News
By
published

Nearly two-thirds of SMBs experienced ransomware through software supply chain partners

Ransomware
(Image credit: Getty Images)

New research has claimed nearly as much as two thirds (62%) of SMBs have been impacted by a ransomware attack that originated through software supply chain vulnerabilities.

The report from OpenText notes this is creating apprehension with businesses, as 90% plan to increase collaboration with software suppliers to try and bolster their security practices.

Weaknesses in supply chains are a significant worry for SMBs, with 91% of respondents concerned about ransomware attacks on their organization’s downstream software supply chain or third-party and connected partners - with nearly half (49%) concerned enough to consider vendor changes.

AI in ransomware

Ransomware remains a serious issue for businesses, with 48% of respondents experiencing an attack, and 73% of those being hit within the last year. This affects SMBs more than large enterprises, but only by a small margin, with 76% of SMBs experiencing a ransomware attack in the past year, versus 70% of large enterprises.

Recovery after an attack is a mixed bag. The positive news is that 97% of respondents successfully restored their company’s data, but 46% paid the ransom to do so. The average ransom is rising too, with 31% of those surveyed paying over $1 million.

Research suggests attacks have as much as doubled thanks to AI, and this is reflected in anxieties from SMBs. Over half of all respondents (55%) reported that their company is now more at risk of ransomware thanks to the increased use of AI by threat actors, and 45% have already seen an increase in phishing attacks thanks to AI.

AI is increasingly being used in both cyberattacks and cyberdefence - with the landscape rapidly evolving to accommodate new technologies. AI tools are equipping cybercriminals with new capabilities and methods, making it more difficult for spam filters and antivirus to detect nefarious actors.

More from TechRadar Pro

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.