According to the research Corporate IT Security Risks 2016* conducted by Kaspersky Lab, last year, one cryptomalware attack cost small and medium businesses up to $99,000 on average. Despite the fact that cybercriminals do not guarantee the return of corporate data, 34 per cent of entrepreneurs admitted paying extortionists.
The total damage caused by a cryptomalware infection is a combination of a variety of factors:
- partial or complete suspension of operations (internal business processes, financial transactions, etc.);
- the loss of valuable data (financial and project documents, customer or partner databases, etc.);
- reputational risks, and more.
In fact, the total amount of damage can be divided into two parts: the ransom and the related losses. The amount of related damage is, to a large extent, affected by shortcomings in the preventive work of the IT staff (poorly administered systems, outdated or missing backups, unreliable passwords, irregularly updated software, etc.). According to the Corporate IT Security Risks 2016 research, over 30 per cent of small and medium businesses representatives reported the loss of a significant amount of data due to cryptomalware.
“As we can see, almost one-third of SMBs still believe that paying the ransom is the most cost-effective way of getting their data back. The reality, however, is that the total damage for companies ends up being much greater and there is still no guarantee of recovering the corporate data in question. As criminals increase their efforts to make money by using cryptomalware, small and medium businesses should take preventative measures to minimise the risk of becoming yet another victim. In order to improve the efficiency of their protection against cyber-threats, we advise SMBs to use dedicated solutions and the advanced technologies,” comments Vladimir Zapolyansky, Head of SMB Marketing at Kaspersky Lab.