UK SMBs are failing to address ransomware threats

Many businesses are failing to protect themselves from cyber-threats such as ransomware, leaving themselves at risk of serious losses, new research has revealed.

Despite the publicity given to recent large-scale attacks such as WannaCry and Petya, British small and medium businesses still aren't implementing effective security protection in order to keep themselves safe online.

UK companies appear to be suffering from a false sense of security when it comes to ransomware and other kinds of attacks, with 87 per cent of companies surveyed by Webroot confident that their staff would be able to fully address or eliminate an issue - even though 72 per cent admitted that their businesses wouldn't be prepared to deal with damaging external threats.

Overall, only 42 per cent of businesses surveyed said that they thought they would be susceptible to ransomware attacks in 2017, with malware infections (59 per cent), mobile attacks (53 per cent) and phishing (48 per cent) all ranking higher up the list of concerns.

This was despite more than 60 per cent of companies having already been affected by ransomware, with the financial and retail sectors being hit the hardest.

“The lack of concern about ransomware is leaving a gaping hole in the security of global businesses, as witnessed by the recent outbreaks of WannaCry and not-Petya," said Adam Nash, EMEA regional manager, Webroot. 

This combined with the UK’s false sense of security when it comes to businesses’ ability to manage external threats is worrying. Small- to medium-sized businesses can no longer afford to put security on the back burner and need to start engaging with the issues and trends affecting the industry. Enlisting the help and expertise of a Managed Security Services Provider is one way to implement a secure, layered approach to combat external threats.”

The cost of ransomware attacks was also revealed to be punishingly high for UK SMBs, with the poll recipients estimating that a cyberattack on their business that resulted in customer records or critical business data being lost would cost an average of £737,677 in the UK. Perhaps with this in mind, nearly all (98 per cent) of those polled said they planned to increase their annual IT security budget in 2017 compared to 2016.

Want to read more about ransomware? Check out all our coverage here.