Powered by MOMENTUM MEDIA
HR Leader logo
Stay connected.   Subscribe  to our newsletter
Tech

87% of SMBs would consider paying cyber criminals during ransomware extortion, says report

By Kace O'Neill | |4 minute read
87 Of Smbs Would Consider Paying Cybercriminals During Ransomware Extortion Says Report

Gone are the days of bad actors primarily targeting the big fish – instead, they have changed their tactics to go after vulnerable SMBs (small/midsize businesses) that may lack the security to repel their attacks.

Advertisement
Advertisement

As confidence in cyber security has grown among organisations, so have the tactics of bad actors and cyber criminals. A new report by ESET has revealed that Australian SMBs have the digital bullseye on them, with 60 per cent of them being targets for breach attempts or cyber security incidents over the past 12 months.

The spotlight has seemingly shifted from larger enterprises to smaller and more vulnerable businesses as the cyber security preventing such attacks may not be up to scratch. Respondents in the report agreed with this notion, with 76 per cent agreeing that smaller-sized businesses were more vulnerable to cyber attacks.

“Our report reveals that although SMBs are confident in their security measures and IT expertise, the majority still faced cyber security incidents over the past year. They feel more vulnerable compared to larger enterprises, underscoring the critical need for SMBs to enhance their security posture,” said Parvinder Walia, president of Asia-Pacific and Japan (APJ) for ESET.

Emerging as the top concerns for Aussie SMBs were email phishing and ransomware, with 72 per cent concerned about these threats, and an alarming amount even considering paying in the event of a ransomware.

“It is crucial for SMBs to understand that paying cyber criminals only perpetuates further cyber crime. Instead, they should focus on implementing proactive measures to prevent cyber attack,” said Walia.

It’s a dangerous game to play when paying in the event of ransomware, yet it’s understandable that some critical thinking would dissipate when put in a position of desperation and urgency to protect your business.

Oftentimes, paying ransomware doesn’t guarantee that the data will be recovered, and in some cases, businesses may actually be breaching Australian sanction laws, Commonwealth laws, and state laws by negotiating with the bad actors.

Instead of falling into this trap, immediately contacting trusted authorities should be the routine action.

The report revealed some of the potential safeguards that Aussie SMBs can deploy to dispel cyber crime from threatening their organisation.

  • Increased investment in cyber security: Forty-two per cent anticipate a rise in cyber security spending over the next 12 months, with 18 per cent of these firms expecting to do so by more than 80 per cent. In contrast, firms in Japan and India exhibit a more aggressive approach, showing a stronger inclination towards increased cyber security expenditure.
  • Potential third-party outsourcing: Thirty-six per cent of SMBs currently outsource a portion of their cyber security responsibilities to a third-party service provider, while 24 per cent manage cyber security in-house and do not plan to outsource. Looking ahead, 19 per cent intend to outsource some or all aspects of cyber security within the next 12 months.
Kace O'Neill

Kace O'Neill

Kace O'Neill is a Graduate Journalist for HR Leader. Kace studied Media Communications and Maori studies at the University of Otago, he has a passion for sports and storytelling.