Why Ransomware Attacks Prefer Small Business Targets Rather Than Rich Enterprises
Enterprise businesses with 25,000+ employees are less likely to get hit by a ransomware attack than smaller businesses, even though big companies typically can afford to pay higher ransoms, the 2022 CyberEdge Cyberthreat Defense Report concluded.
What explains hackers taking aim at small businesses more frequently than enterprise giants? The answer: Damaging a critical infrastructure facility, or causing a similar disruption, is certain to catch the eye of federal law enforcement or national governments, something that no hacker wants, CyberEdge said. Small to medium-sized firms, as it turns out, get hit more frequently by ransomware attacks, at roughly 70 percent on average, the report said.
Overall, some 71 percent of organizations have been bitten by ransomware in 2022, up a point and a half from last year and 8.5 points from 2020. Companies of 10,000 to 24,999 employees are the sweet spot for ransomware hackers: nearly 75 percent of them are victimized by cyber extortionists.
The extensive study, which surveyed 1,200 security decision makers and practitioners employed by companies of more than 500 people in 17 countries across 19 industries, is geared to helping organizations gauge their internal practices and investments against those of their counterparts in other parts of the world.
Nonetheless, companies are more prepared now than ever before to pay ransoms. The percentage of organizations that paid ransoms increased to 63 percent, up six points from 2021 and five points from 2020. Paradoxically, ransomware crooks have figured out that helping an organization get its data back is good business. Why? Because apparently it creates goodwill between thieves and victims, increasing the likelihood that others will pay ransoms, too.
Indeed, since 2020, the percentage of organizations that paid ransoms and recovered their data climbed to 72 percent from 69 percent, alongside a greater willingness among companies to pay, up 5.4 percent over two years, and a spike in attacks, up nearly 9 percent in the same period.
As one might expect, the finance industry was more affected by ransomware in the last 12 months than any other sector. More than eight in 10 organizations (81%) experienced an attack. By comparison, nearly three in four in telecom and technology (74%), slightly fewer in education (73%) and roughly two in three in retail (67%) bore the brunt of ransomware. The least affected were healthcare (58%) and government (46%).
Geographically, a staggering nine in 10 organizations in China were hit by ransomware, followed by South Africa (82%) and the U.S. at 81.6 percent. Mexico (46%) and Turkey (45%) were the least affected countries.
As for cybersecurity trends in 2022, CyberEdge listed the following takeaways:
- There has been no letup in pressure on security teams. The percentage of organizations that experienced six or more cyber attacks increased to 41 percent. And the number of respondents who believe a successful attack is likely to occur has increased to 76 percent.
- The biggest security issues for many organizations are a workforce shortfall and low security awareness among employees.
- Ransomware and account takeover are close to superseding malware as the top threat.
- Security teams are getting a handle on COVID-19 and the new normal. Security teams have adjusted to deploying and managing technology and processes to build security into web and mobile applications.
CyberEdge’s study is not confined to ransomware. It also includes data on web and mobile attacks, budget allocations, practices and strategies.