Due to a lack of resources, SMBs are the most vulnerable to ransomware attacks, according to the latest research from NordLocker, the encryption tool provider. The report noted that businesses with 51 to 200 employees were the most targeted and were followed by SMBs of 11 to 50 employees.
Businesses hit the most were in finance and construction and were based in the U.S. and the U.K. And the average cost of a ransomware attack is more than $4.5 million.
Regarding the lack of resources issue, Tomas Smalakys, chief technology officer at NordLocker, said employees that work in small companies “tend to wear many hats at once — salespeople also take care of marketing, CEOs take care of hiring and IT support take care of hardware needs, procurement, IT admin, and, if there’s any time left — cybersecurity. This makes companies easy targets.”
When asked what companies can do to mitigate attacks, Smalakys said protecting SMBs from ransomware “requires a comprehensive approach, and businesses should combine various tactics.”
This includes educating employees since the “human factor” is the number-one cause in cyberattacks. Smalakys said workers need training to recognize phishing and other suspicious activities. Using stronger passwords and multifactor authentication (MFAs) is also necessary.
Smalakys also urged businesses to “regularly back up all critical data and systems as well as maintain multiple copies of backups, including offline or offsite backups. This can ensure business continuity in case of a ransomware attack.” The CTO also said businesses need to conduct regular security audits — internally and externally. And he noted that segmenting and restricting access permissions “to the network can help contain ransomware infections. In addition, companies could deploy intrusion detection systems and implement network monitoring.”