April 10, 2017 by

The Effects of Ransomware on Small and Midsize Businesses

A recent surge of Ransomware attacks on Small to Midsize businesses has caused many enterprises to re-evaluate their disaster recovery and security strategies. The reason these organizations have become a main target is due to their lack of funds to implement strong security measures. Ransomware attacks encrypt the files on a system, holding them hostage until the ransom is paid. Currently, the average price ransomware victims are paying is $679, a $385 increase from 2015. This malware can stealthily pass through IT networks undetected through phishing attacks, exploit kits, removable devices, or external network shares. Many new types of Ransomware are undetectable by antivirus programs. According to, PhishMe, Ransomware grew over 600% in 2016 and the total estimated losses of over $1 billion. Ransomware has become one of the most dangerous weapons cybercriminals can use against organizations and consumers.

In 2016, reported cases of ransomware attacks caused, 30% of businesses to lose revenue and 20% of businesses to go out of operation. It can take a business more than nine hours to recover, losing both revenue and time. Businesses can be forced to shut down all systems to handle the attack depending on the magnitude of the compromise. A shut down will not only cause the organization a loss of money, but also a loss in reputation. When affected by ransomware, businesses often pay the fee to get their data back, regardless of the price due to time sensitivity. However, often, even if the ransom is paid the attackers will still destroy all data. Security experts recommend not paying the ransom; consulting a firm, like LIFARS during an attack can help minimize loses. The long-term effects of an attack can be more costly than the initial impact.

It is essential for Small and Midsize organizations to be aware of current cyber threats, and make building strong defenses and disaster recovery a priority, using a multi-layer approach. It is recommended that small businesses hold employee awareness training, system updates, software patches, regular backups, and layered security. Many ransomware attacks come through phishing and use of social engineering tactics, which employees become victim of. Educating and training employees of the malware, tactics used, and how it is distributed will decrease the chance of a ransomware attack.

It is also important to constantly update applications, so the malware doesn’t come through a vulnerable and outdated source. Continually securing copies of data is vital to the businesses and should be kept at an offsite location, so if affected by the malware the company can run a scan on the infected machine and then restore the computer using the backups.

There should also be multiple sets of copies since ransomware works silently and encrypts files over a period of time, sometime even encrypting the backup data. This will save money and valuable resources. Implementing a multi-layer approach and frequently monitoring sensitive data can also help detect and stop ransomware attacks in their tracks.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

US Hospital Coughs Up $55,000 to Hackers after Ransomware Attack

A ransomware attack targeting a hospital in Greenfield, Indiana, has seen hackers make away with...

Read more arrow_forward

47 Million Emails/Day: Necurs Botnet Launches Massive Ransomware Campaign

A cybersecurity firm has revealed it has blocked as many as 47 million emails per day spewed by the...

Read more arrow_forward

Ransomware Continues to Dominate as 2017’s Main Attack Vector

Cyber attacks are on the rise in 2017, clocking a staggering 238% jump in attacks against endpoints....

Read more arrow_forward