Threat Intelligence

9/21/2017
09:34 AM
50%
50%

SMBs Paid $301 Million to Ransomware Attackers

But small- to midsized businesses are taking a tougher stand against ransomware attacks, according to a survey released today of the 2016-2017 period.

Ransomware attacks against small- to midsized businesses (SMBs) are expected to increase over the next two years, according to a survey released today by Datto.

The State of the Channel Ransomware Report, which surveyed 1,700 managed service providers (MSPs) that collectively have more than 100,000 SMBs customers, found 99% of survey respondents say they expect the increase in ransomware attacks will continue over the course of two years.

Ninety-three percent of MSPs say their SMB clients were hit with a ransomware attack in the past two years; 21% report their clients faced six or more attacks during the last year; and 26% note their SMB customers experienced multiple attacks in a single day.

SMBs paid out an estimated $301 million in ransom to attackers in the 2016-2017 period, the report shows.

However, less than one in three SMBs reported their ransomware attack to authorities in the 2016-2017 period, an improvement from one in four during the 2015-2016 timeframe. 

Read more about the survey here

Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.

 

 

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
9/22/2017 | 7:20:51 AM
Backups
Seems like SMB's are moving in the right direction. But $300 million is still a hefty sum. This metrics is perfect to make a case towards a robust backup platform. (With test backup processes)
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
9/22/2017 | 8:19:53 AM
Re: Backups
SMB is generally support by a managed services firm or often a local self-employed consultant and I have looked at my past support protocols --- SHOCKED at some of them with what I have learned recently.  My backups were good and tested.  Whew.  But in other areas I stand in shame.  Your support entity HAS to be responsible for these issues and I now that should be a LEGAL requirement as well!!!

Ever since i joined a malware forensics team in Georgia, i am astonished some of my clients lasted as long as they did!!!  
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
9/26/2017 | 2:49:47 PM
Re: Backups
SMB is generally support by a managed services firm That is true, they mainly take care of basic stuff and ask for more if more security is needed.
LouiseMiller
50%
50%
LouiseMiller,
User Rank: Apprentice
10/10/2017 | 9:14:31 AM
Re: Backups
So what does it mean? 
LouiseMiller
50%
50%
LouiseMiller,
User Rank: Apprentice
7/3/2018 | 5:06:45 AM
Re: Backups

Hi! My name is Louise Miller - a copywriter, a rewriter, an optimizer, a seller of services and goods through an effective advertising syllable, a delicate psychologist of purchasing souls who has many years of experience in business and trade.

In other words: I write texts! Clear and simple texts for websites, easily and with pleasure read (at least I try to make them exactly so). But this does not mean that I can not rewrite any scientific work. This is a unique content of information and advertising nature, written for people in an accessible and understandable language and simultaneously well perceived by search engines.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
9/26/2017 | 2:53:21 PM
Re: Backups
My backups were good and tested That is good, unless backup is verified it is not that problem-proof. If current files are encrypted , backups might be encrypted too.
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
9/26/2017 | 2:59:22 PM
Re: Backups
They have to be catalog backups, every 24 hours and not to over-write old data otherwise the next cycle just backs up encrypted files from "now" instead of good files from "then."  I am proud that a 501C3 that got wrecked by Crypotlocker in 2014, under rmy care, had 98% of workstation and server data TOTALLY RESTORED within 3 hours the next business day.  I  maintained proper OFFSITE, CATALOG storage and it worked. 
ROMAN45
0%
100%
ROMAN45,
User Rank: Apprentice
9/27/2017 | 2:48:30 AM
Re: Backups
I heard that SMB is by and large help by an oversaw benefits firm" That is valid, they predominantly deal with fundamental stuff and request progressively if greater security is required.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
9/26/2017 | 2:54:27 PM
Re: Backups
Ever since i joined a malware forensics team in Georgia Agree. It is a good idea to be part of an organization that we can get constant current updates on the issues.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
9/26/2017 | 2:46:35 PM
Re: Backups
This metrics is perfect to make a case towards a robust backup platform Agree. Backups is critical, they need to go beyond that and avoid any downtime,
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
9/26/2017 | 2:45:33 PM
Ransomware
Ransomware is a lucrative business today. There is no surprise that there will be more of it next two years. Businesses need to get ahead of it.
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
Lessons from My Strange Journey into InfoSec
Lysa Myers, Security Researcher, ESET,  7/12/2018
What's Cooking With Caleb Sima
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14332
PUBLISHED: 2018-07-19
An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is triggered when the user...
CVE-2018-1529
PUBLISHED: 2018-07-19
IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential...
CVE-2018-1535
PUBLISHED: 2018-07-19
IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri...
CVE-2018-1536
PUBLISHED: 2018-07-19
IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri...
CVE-2018-1585
PUBLISHED: 2018-07-19
IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri...