Ransomware coming for small businesses


Arthur Goldstuck | CEO | World Wide Worx  | @art2gee | mail me |

A recent research study by global data management providers Veaam among 1,200 IT leaders concluded that it was not a question of whether organisations would be targeted by cyberattacks, but how often.

Most of the attacks were designed to extract ransomware from the companies, and most companies paid up, thanks to insurance covering just this eventuality. Globally, said Veeam, 77% of ransoms were paid by insurance, but this figure rose to 82% of cyber-victims in Europe, the Middle East and Africa.

Fortunately for these companies, most of them were insured for the eventuality. Unfortunately for them, the cost of that insurance is rising steeply, and is increasingly being excluded from cyber insurance policies.

Criminals are turning their aim squarely onto SMEs

As challenging as this is for large enterprises who make juicy targets for hackers, spare a thought for smaller businesses that simply cannot afford this kind of insurance. And now, according to cybersecurity providers Trend Micro, the criminals are turning their aim squarely onto small and medium enterprises (SMEs).

Attack surfaces are expanding and increasing cyber risk at organisations of all sizes. Our research has shown that many executives don’t fully understand what resources their security teams need to discover and mitigate vulnerabilities.

– Gareth Redelinghuys, Managing Director for Africa at Trend Micro

This is an even greater challenge for SMEs, and in particular start-ups. Why would hackers attack small businesses or startups with their tiny revenue streams, as opposed to large enterprises worth billions, and who often rely on their insurers to pay up? On the surface, it would appear that the return on investment (ROI), so to speak, would not make smaller targets viable for cyber criminals.

The unique thing about the Middle East and Africa region is the sheer number of startups that are coming up every day. For a very long time, we were behind the curve when it came to entrepreneurship and startups. After COVID-19, the region has to some extent had an awakening, and startups, entrepreneurs, started popping up everywhere, in every single industry, on every single topic.

– Dr Moataz Binali, Regional Vice President and Managing Director for the Mediterranean, Middle East and Africa at Trend Micro

Most of the startups are in one way or the other technology-related. If they don’t have technology as a core, they have technology as a support factor. And the more technology comes up, the more you’re prone to have issues in cybersecurity. New technologies mean new loopholes, mean new threats, mean new vulnerabilities every day.

Fatal attraction

Clearly, the SME, the entrepreneur and the start-up are more vulnerable than large organisations, because they don’t have large teams to manage their cybersecurity infrastructure. They also tend not to put capital investment into cybersecurity, versus their core business. But there is an even more potent reason for them coming under attack at a scale never seen before.

With the sheer numbers of vulnerable startups coming up, their quantities have just become so large that, from an attack perspective, the ROI makes sense. So if I develop ransomware right now, the ROI is that it could reach a thousand startups. For me, if I was a criminal, that is better than the ROI coming from me attacking one organisation.

And then there is the final, fatal attraction. Moreover, all of these startups have something that a lot of other big organisations don’t, which is the open connectivity between them. Their technologies are not usually 100% separate. They piggyback on top of each other’s developments and technologies. So at one stage, if you hit one, you hit 10. And if you hit 10, you actually end up hitting 1,000.

Startups are ripe for ransomware.



Please enter your comment!
Please enter your name here