82% of Ransomware Attacks Target Small Businesses, Report Reveals

Whilst ransomware remains a threat to businesses of all sizes, companies with fewer than 1,000 employees are most at risk.
Aaron Drapkin

Small businesses are increasingly targeted by ransomware gangs, says a report by ransomware recovery specialists Coveware.

Released on February 3, the report looks in detail at ransomware attacks that took place during all four quarters of 2021. The findings reiterate the need for businesses to have reputable – and, crucially, up-to-date – antivirus software installed.

The study also concluded that the threat of discovery, exacerbated by high-profile takedowns of ransomware gangs widely covered in the media, was chipping away at the population of hackers and scammers prepared to risk jail time for a reward.

Ransomware is a Major Threat to Smaller Businesses

It’s typically large companies that make the headlines when it comes to ransomware attacks – more data is usually on the line, the ransoms are larger and there’s often a regulator waiting in the wings to issue a fine for poor data practices.

According to a report by ransomware recovery specialists Coveware, a “tactical shift” has been introduced by many ransomware gangs, which includes a “deliberate attempt to extort companies that are large enough to pay a ‘big game’ ransom amount but small enough to keep attack operating costs and resulting media and Law Enforcement attention low.”

“You can hit the jackpot once, but provoke such a geopolitical conflict that you will be quickly found. It is better to quietly receive stable small sums from mid-sized companies…” – LockBit 2.0 ransomware gang member.

Indeed, the report notes that 82% of attacks that took place in 2021 impacted organizations with fewer than one thousand employees. As the graph below illustrates, companies with 11 to 100 employees make up a significant proportion of the overall victims:

Graph Showing Distribution of Ransomware attacks by company size

What Else did the Report Find Out?

One interesting conclusion the report draws is that dramatic, highly publicized law enforcement takedowns of ransomware groups and the very real threat of jail time have shrunk the demographic of individuals willing to carry out such attacks.

Another finding that all businesses should be aware of is the steadily increasing percentage of ransomware attacks that exploit some sort of software vulnerability:

Graph showing attack vectors of ransomware

However, the main way in for ransomware gangs is still RDP compromise – which involves obtaining a password for a system administrator or user – so it's vital that all employees are using password managers to ensure their login credentials are as secure as possible.

Coveware also looked at the different types of professions suffering ransomware attacks. In Quarter 3, for instance, 12.8% of attacks were aimed at consumer services companies, whilst professional services accounted for 20.4% of all targeted victims. 10.2% of attacks in the same quarter were aimed at the public sector.

Preparing yourself for Malware and Ransomware

Nowadays, businesses operating in all four corners of the economy have to be prepared for ransomware and malware attacks. But US businesses need to be especially vigilant – around one-quarter of all global ransomware attacks target US businesses and individuals.

Some key tips for surviving ransomware attacks include ensuring, through training, that employees can identify what a phishing email looks like, and securely backing up all the data you hold. Email content scanning and filtering are also recommended.

Useful cyber security tenets like the principle of least privilege – that all employees must only have access to the data they need to do their jobs, and no more – should be implemented across all businesses.

Other useful tools that can help bolster your defenses include antivirus software, which needs to be kept up to date at all times. If the attacker is using a form of malware to try to take control of your computer and hold you to ransom, a reputable antivirus program will be your best bet in terms of detecting and flushing out that malware.


Aaron Drapkin is a Senior Writer at Tech.co. He has been researching and writing about technology, politics, and society in print and online publications since graduating with a Philosophy degree from the University of Bristol three years ago. As a writer, Aaron takes a special interest in VPNs and project management software. He has been quoted in the Daily Mirror, Daily Express, The Daily Mail, Computer Weekly, and the Silicon Republic speaking on various privacy and cybersecurity issues, and has articles published in Wired, Vice, Metro, The Week, and Politics.co.uk covering a wide range of topics.
