Ransomware and the $99K SMB Shakedown

By Pedro Hernandez | Posted September 20, 2016

Quick question: How does parting with nearly a hundred grand because of lax PC security sound to you?

According to new research from Kaspersky Lab, small business owners can now add the high cost of a ransomware attack to the litany of reasons why they should protect themselves against this particularly nasty form of malware. Kaspersky's computer security specialists surveyed3,000 small and medium-sized businesses (SMBs) and found that a single crypto-malware or ransomware attack costs companies $99,000. A majority (67 percent) admitted that they lost at least some business data to ransomware.

[Learn more about small business security: Symantec Launches Endpoint Protection Cloud]

Once it invades a PC, ransomware blocks a company's access to files by encrypting them. The irony is not lost on Michael Canavan, vice president of Kaspersky Lab North America. Encryption is "not inherently malicious," he told Small Business Computing. "It's a good tool" that proves very effective in keeping a lid on private or sensitive information.

Typically, encryption provides an extra layer of security that renders data virtually irretrievable even if an attacker gains physical access to a system's hard drive. In the wrong hands, however, it can create major headaches for small business owners.

Small Businesses Face Big Security Risks

For consumers, getting hit with ransomware can put a damper on their day and lighten their wallets.

It targets financial documents, photos and other files they can't live without, Canavan said. Eager to regain access to their tax returns or irreplaceable memories, they'll often pay attackers up to a couple hundred dollars for the encryption keys that unlock their files.

Attackers know that there's only so much they can squeeze out of a household with an infected PC. Faced with the prospect of losing their files forever or trimming the family vacation budget, many people will opt for the former. So, malware coders have set their sights on more lucrative targets: businesses.

Canavan warned of ransomware that seeks out "data structures that are critical to the business." Instead of photos and personal files, certain types of ransomware have been known to glom onto databases, Web servers and other systems that businesses use in their day-to-day work. For added pressure, some include a timer that makes it impossible to recover data when it hits zero.

Just slightly more than a third (34 percent) of respondents admitted to paying extortionists money. It's a gamble: one out of five companies that pay a ransom never get their data back. While the average demand is $300, the cost for small businesses can escalate quickly.

Ransomware: a big cost for small business

Ransomware Spreads Like a Plague

Like encryption, collaboration technologies—particularly shared folders—are a double-edged sword when it comes to crypto-malware.

Small business networks are often littered with shared folders. It's a great way to trade files without overloading an email server with massive attachments. The downside is that ransomware seeks out these shared folders and uses them as a means to propagate across a network and infect additional machines. Multiply the average ransom of $300 by a couple dozen PCs, and the cost of regaining access to a company's valuable data can quickly skyrocket.

These one-off payments are just the tip of the iceberg, according to the Kaspersky report. The losses really start to mount when the workday screeches to a halt. Without access to key files, projects enter a holding pattern, deals are derailed and sales plummet. And companies that lose data to ransomware may have to rebuild some of their records and work hard to regain the trust of customers who may have been affected.

All told, small businesses can be on the hook for a whopping $99,000 because of a single brush with ransomware. To avoid the financial sting, Canavan recommends that companies protect their data. "Backup is a great way to mitigate the risk," he said.

It's also a good idea to keep endpoint security products up to date so they can detect and block new forms of crypto-malware as soon as they appear on the scene. If ransomware strikes, Canavan (not surprisingly) points users to Kaspersky's own NoRansom project, which is packed with tools and utilities that may help you recover their data. "In some cases, customers can get an encryption key without paying a ransom," he said.

[Info you need to know: 5 Cybersecurity Tips That Can Save Your Small Business]

Pedro Hernandez is a contributing editor at Small Business Computing. Follow him on Twitter @ecoINSITE.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!

Comment and Contribute


    Get free tips, news and advice on how to make technology work harder for your business.

    Learn more
    You have successfuly registered to
    Enterprise Apps Daily Newsletter
    Thanks for your registration, follow us on our social networks to keep up-to-date