Ransomware attacks are often a small business owner’s worst nightmare. Unfortunately, experts don’t believe ransomware attacks will let up anytime soon, with recent research from Datto finding that these attacks cost small businesses $301 million worth of ransomware money in 2016.
In a survey of 1,700 managed service providers working with a combined 100,000 small businesses, 99 percent of respondents said ransomware attacks are likely to pick up this year and next.
While the hundreds of millions of dollars lost to ransom payouts is a burden, Datto researchers warned that the downtime resulting from a cyber incident is actually more painful for businesses. Three-quarters of survey respondents said their small business customers experienced “business-threatening” downtime because of a ransomware attack.
“The impact of downtime affects SMBs far more than the cost of ransom requests,” said Robert Gibbons, Datto chief technology officer.
That conclusion could signal why so many small business pay the ransom in an effort to more quickly regain control of their data and systems, despite expert advice no to do so. Datto research found 35 percent of small firms paid the ransom, though that is a decline from the 41 percent that paid in 2016.
Separate research from CyberEdge Group found only 19 percent of businesses surveyed hit by a ransomware attack paid the ransom.
Analysts warned that even if the ransom is paid, there is no guarantee that data will be returned: 15 percent of businesses surveyed that paid the ransom said they were never able to recover their data.
“Paying a hacker in these situations not only incentivizes further attacks, but it provides criminals with the vital funds they need to continue their operations,” warned another expert, Carl Herberger, vice president of security solutions at Radware.