Ransomware targets US SMBs due to weaker protection and greater willingness to pay up

Razvan Muresan

June 15, 2017

Attackers are now targeting small and medium businesses to extort higher fees, a Bitdefender survey shows, in line with the company’s predictions for 2017.

One in five small and medium businesses (SMBs) in the US reported a ransomware attack within the past 12 months, according to a Bitdefender survey of 250 IT pros in the US working in SMBs, carried out by Spiceworks.

Some 38% indicated they paid ransom - $2,423 on average - but most did not recover the encrypted data. Ransomware, a type of malware that locks and usually encrypts a computer’s files until the victim pays to regain access, is the fastest growing malware threat, targeting users of all types—from the home user to the corporate network.

On average, more than 4,000 ransomware attacks have occurred daily since January 1, 2016, a 300-percent increase over the approximately 1,000 attacks per day seen in 2015, according to the U.S. Department of Justice. SMBs are ideal targets for ransomware developers because some do not invest in security solutions, yet they handle sensitive business information (such as customer data, financial records and product info), the targets that cyber-criminals value most.

Bitdefender’s survey shows that less than half (45%) of the SMBs that paid to regain access to their data after falling victim to ransomware actually got their information back. Of those targeted, most were able to mitigate the attack by restoring from backup (65%) or through security software/practices (52%). A quarter of those targeted couldn’t find a solution to address the ransomware attack and lost their data.


Though relatively few organizations have recent experience with ransomware attacks, the threat is alarming. Some 69% of the participating IT pros expressed concern about ransomware, on par with their concerns about phishing (72%), and malware (72%). Nearly half of US SMBs also fear incidents stemming from lost or stolen devices, unintended disclosure / data leak due to human error, hacking, malicious insider data theft, or DoS/DDoS attacks.

On behalf of Bitdefender, Spiceworks surveyed, in February 2017, 250 IT pros in the US working in SMBs.

To stay safe from ransomware, SMBs are strongly encouraged to:

• Use an endpoint security solution

• Patch or update all endpoint software and webservers

• Deploy a backup solution

• Block files from running in locations such as “AppData/LocalAppData” and deploy policies that restrict users from executing malware

• Limit user access to mapped network drives

• Protect email servers with content filtering solutions

• Educate employees on identifying spear-phishing emails and other social engineering techniques.
