SMBs Paying Ransomware Demand Have 50% Chance to See Files Decrypted

It is anything but surprising to learn paying a ransomware attacker is not the best course of action. Doing so will have severe consequences for any malware victim on the planet. Every time a payment is made, criminals are incentivized to continue causing havoc in the online world. Moreover, it is also never a guarantee to see encrypted data returned to its original state, as a new study shows.

Files Are Decrypted Only Half of the Time

A new study conducted by Spiceworks, shows how small and medium-sized businesses are a prone target for malware attacks. That is anything but surprising, considering these companies have a lot more to lose when it comes to dealing with encrypted data they can no longer access. Larger corporations have a dedicated IT staff to make ransomware attacks nearly impossible, whereas SMBs do not have that luxury.

Unfortunately for smaller businesses, this also means paying the ransom – usually in Bitcoin – is their only way to restore file access. Although some companies create data backups on a regular basis, not all of them get to do so. Moreover, quite a few types of malware do not allow users to restore files from a backup either, as they delete the Shadow Volume Copies while encrypting the other files.

Paying the ransom demand is never advised, though. Not only does it incentivize criminals to conduct their business as usual against other SMBs, but it is no guarantee of having files restored. In fact, the report by Spiceworks shows nearly 45% of ransomware payments result in the files remaining encrypted because the criminals do not provide the decryption key. That is a very worrisome development, especially when considering how these companies often pay four figures or more to get files restored.

It seems evident the boundaries of cybercriminals are changing. Instead of going after companies that have “money to spare” criminals have become far less picky about what targets they pursue. As long as there is a payment on the horizon, ransomware distributors will go after any potential target they can find. SMBs Provide a weaker target since they are often ill-equipped to deal with any major malware attack. In fact, security researchers claim SMBs present the “sweet spot” between consumers and large corporations.

Additionally, one has to keep in mind SMBs often control a lot more sensitive and confidential information compared to large corporations. This also means victims are more likely to pay exuberant ransomware demands, simply because they want to do what is right for their clients. Not receiving the decryption key after making such a payment is troublesome, though, yet there is no way to do much about it right now.

Most of the malware threats are a direct result of an SMB staffer opening an email with compromised attachments. it is impossible to run any business without email communication right now. It is sad to see so many companies lose sensitive data due to these attacks, especially after they’ve met the criminals’ demands. The best solution is still to use backups or improve security software practices as a whole. There is still a very long way to go for small and medium-sized businesses when it comes to preventing malware attacks, that much is evident.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

Image(s): Shutterstock.com