Small businesses are a lucrative target for cybercriminals trying to launch ransomware malware attacks, and the problem is only getting worse. Careless employees are tricked, typically using phishing emails, and the custom malware encrypts various files - demanding a ransom payment or the files will be permanently encrypted.
"They set the ransom so low that, as violated as I feel and as much as I wanted to fight, at the end of the day I realized I can pay and get back to work," said Mark Stefanick, president of Advantage Benefits Solutions, in a statement published by the Wall Street Journal. Stefanick chose to pay the $400 ransom so files were quickly decrypted and his company could get back to normal operation.
Around 30 percent of ransomware victims choose to pay the ransom to end the cyberattack, according to Trend Micro chief cybersecurity officer Tom Kellerman. There were at least 250,000 new ransomware samples studied by Intel Security during Q4 2014, a whopping 155 percent increase quarter-over-quarter.
SMBs are seen as a soft target by cybercriminals because they often lack sophisticated cybersecurity defenses, and don't have an IT staff on-hand to address problems.