For as much media attention ransomware is getting with large-scale cyber-attacks, it appears that many small and medium-sized businesses (SMBs) have failed to embrace the idea that they are ransomware targets. After all, why target an SMB when Fortune 500 companies have much deeper pockets? It appears when it comes to small businesses the sentiment is that a hacker is far more likely to attack Walmart than Wally’s Corner Market.
No target is ‘too small’ anymore
A few years ago this may have been this case. But in the last couple of years ransomware has become commonplace in all sizes of business. You only hear about the large breaches on the news, but this is happening to companies of all sizes.
Even within our own Province we have seen breaches in colleges/universities, art galleries, construction companies, and municipalities.
The reality is that an SMB’s size actually makes them more of a target and not less. The reason is that a successful hack on a major company is usually met with overwhelming return firepower. A huge company can respond with resources, system redundancy, and a whole toolkit to make the hacker’s lives tougher.
But the corner drugstore? Not so much. The corner drugstore will be brought to their knees and the owner may be more likely to simply pay the money so they can get on with their business. This has now created an odd inverted dynamic where the companies that are the most vulnerable are usually the ones that can least afford a hack.
According to Insureon, 71 percent of the targets of ransomware attacks are now SMBs costing up to $20 billion a year. “Small businesses often lack the security or training to prevent an attack,” Insureon reports.
Ransomware will get worse before it gets better
The main reasons for this are that small business owners are known to not invest in IT security, or in security awareness training. The bad guys view small business owners as low-hanging fruit and easy targets.
Small businesses are overconfident and underprepared. That’s a bad combination, as these stats show:
- 58 percent of SMB’s believe they are not a target.
- 43 percent have no Cybersecurity defense plan.
- 50 percent do not do any Security Awareness Training.
- 1 in 3 small businesses uses free consumer-grade cybersecurity.
- 1 to 5 small businesses use no endpoint security at all.
The bottom line is that if you run a small health clinic or even a family bakery with a handful of computers in the backroom, you are now a target.
The good news is that one of the most effective weapons is almost one of the least expensive: awareness training. Talk to Partek today to learn how we can train your team on how to identify threats that lead to ransomware and protect your most valuable investment of time – your business.