Quantifying the threat to SME organizations

We hear about ransomware in the press, and some highly successful attacks including Bad Rabbit, Jigsaw and GandCrab have achieved almost household name status. The last of these, GandCrab, is considered to be the most popular multi-million dollar ransomware campaign to date.

But what does all this mean to your company? In this article we share some basic statistics about ransomware: its prevalence, how it gains a foothold, and the overall impact it has on the small and midsize organizations unfortunate enough to be caught out.

Key Findings for 2019

According to Strategy Analytics' research on ransomware in the North American market for small and midsize businesses:

  • Ransomware is the most prominent malware threat, according to 85% of managed service providers questioned.
  • In the first half of 2019 alone, 56% of US MSPs reported attacks against their clients.
  • 15% of MSPs reported seeing multiple ransomware attacks in a single day.
  • On average, 1 in 5 SMEs reported they had fallen victim to a ransomware attack.
  • Phishing emails are seen as the leading way a successful attack is introduced to a company, with lack of cybersecurity training, weak passwords and poor user practices among the top causes.
  • Nearly half of all MSPs report victimized clients experiencing business-threatening downtime.
  • The average ransom demanded by hackers has increased 37% year on year, to approximately $5,900.
  • Downtime costs are up by more than 200% year on year, and the average cost of downtime is 23x the average ransom demanded.
  • 92% of MSPs report that clients with business continuity and disaster recovery solutions in place are less likely to experience significant downtime.
  • 4 out of 5 MSPs reported that victimized clients with BCDR in place recovered from the attack in 24 hours or less.

Prevalence of Malware Targeting SMEs

During the last two years, the types of malware seen targeting SMEs were:

  • 61% - viruses including ransomware
  • 54% - adware
  • 46% - spyware
  • 29% - cryptojacking
  • 26% - remote access trojans
  • 20% - rootkits
  • 18% - worms
  • 14% - keyloggers
  • 13% - exploit kits

Doing the math: What risk does a small business actually run?

Consider a small business, such as an architect's practice with 40 users.

  • Probability of being targeted: 56% x 61% = 34%
  • Cost of ransom if paid = $5,900
  • Cost of downtime if ransom not paid = $135,700 (23 x the $5,900 average ransom)

In this case, the annualized value at risk for the business (the probability of being targeted multiplied by the cost) lies between $2,006 and $46,138, depending on whether the business decides to pay the ransom (which doesn't actually guarantee resolution - you're dealing with criminals, after all). Even if the business decides to take a chance on the ransom payment, the cost of the ransom exceeds the cost of implementing adequate protection in the first place. Why take the chance?
