Debunking The Top Five Myths About Ransomware And SMBs

SMBs have limited time and IT resources, and a lot on their plates – especially when it comes to cybersecurity. Unfortunately, SMBs have become the biggest target for ransomware attacks, and they need to face the harsh truth that ransomware can wreak havoc with data, budget and reputation.

In a typical ransomware scenario, the SMB receives a warning that critical data has been encrypted and the organization will need to pay a ransom to get the decryption keys. If the company decides to pay the ransom, there’s no guarantee the keys will be provided; an unfortunate 15% report that even after transferring the payment their data is not decrypted i . Even if they do manage to decrypt the data, they are likely to be hit again and again.

Those companies that refuse to pay the ransom may find themselves victim of a new, insidious threat: the attackers will steal a copy of the data, then threaten to sell it on the dark web. Should this happen, the company could be subject to steep fines if it fails to notify authorities in a timely manner, as required by GDPR and similar regulations, not to mention the potential damage to the company’s brand and reputation. And, again, just because the company was hit once doesn’t guarantee it won’t be attacked again.

Yet many SMBs are not aware of the risk they face. This paper will debunk the most common myths surrounding ransomware, and present ways to help prevent ransomware attacks, protect data and ensure an adequate recovery procedure.