It does not take much for your business to be crippled by ransomware. An “innocent” click on a suspicious advertisement or a link in an email.
Even a visit to a legitimate website can land you in trouble, if the site is infected with code installed to redirect users to a malicious website.
When that happens, all your company files are encrypted and there will be a request for ransom. After you’ve paid, you will get back your files - or you may not, as some companies found out during a recent ransomware attack. Every 40 seconds, a business is hit globally and one in five SMBs do not get their data back even after they’ve paid the ransom.1
Ransomware is a type of malicious software that threatens to publish the victim's data or perpetually block access to the data unless a sum of money, or ransom, is paid. Some ransomware are even more vicious: your data is destroyed even after you have paid.2
According to the US Federal Bureau of Investigation (FBI) estimates, cyberthieves made off with $1 billion in 2016 alone.3
The FBI also reported that on average, more than 4,000 ransomware attacks have occurred daily since January 1, 2016. This is a 300% increase over 2015’s approximately 1,000 attacks daily.4
Globally, 40% of businesses experienced a ransomware incident during 2015, with 60% of the ransomware attacks demanding $1,000 or more.5
If you think your business is safe because it is too small to attract a cyberthief’s attention, think again. A Cisco Umbrella6 report showed that the WannaCry ransomware attack in May 2017 hit 150 countries, infected 300,000 machines and victimised over 200,000 companies.
The point is, ransomware neither respects you nor your company. No company is immune, but SMBs are more vulnerable because of budget constraints and smaller spend on IT infrastructure and security.
What can SMBs do to beef up their defenses against ransomware attacks?
Some experts have suggested that companies buy insurance against cyber-attacks.7 This may not be cheap, and does not prevent an attack in the first place. Also, while insurance can help recover costs related to the ransom payment and other IT expenditure caused by the fallout, there is no guarantee that you can recover your data.
For ransomware, prevention is the best cure.
Here are some steps your company can take to reduce its exposure to attacks:
An IDC survey commissioned by Cisco Systems8 showed that many SMBs list Security as the highest priority when it comes to buying technology infrastructure for the company.
SMBs globally are now more aware of the need to protect against ransomware and other cyber-attacks.
The SMBs interviewed in the IDC study commissioned by Cisco9 also said that they rely on solutions provided by established brands, which they find more trustworthy and have enough built-in security.
Your business should not be left in the dark.
At Cisco, we know that customer data is the lifeblood of your company. Securing this information is non-negotiable. Ultimately, the best reason for a SMB to invest in a strong suite of cyber defence solutions is to secure customer trust. Learn how Cisco Start can help you do that.
 David Fitzpatrick and Drew Griffin, “Ransomware is expected to gross cyberthieves $1 billion in 2016 says FBI,” CNN Money, April 15, 2016
 How to Protect Your Networks from Ransomware, Federal Bureau of Investigation, https://www.fbi.gov/file-repository/ransomware-prevention-and-response-for-cisos.pdf/view
 “Lloyd’s warns of $120bn bill from extreme cyber-attack”, Financial Times, Tuesday, July 18, 2017
 Detailed findings of this study will be released soon.